- edited description
option to require some integrity protection in JWT validation
Issue #121
closed
Add an option to JwtConsumerBuilder
/ JwtConsumer
to require that the JWT have some integrity protection, either a signature/MAC JWS or a JWE using a symmetric key management algorithm.
This would be useful in cases where one wants to accept JWTs that could be potentially signed and/or encrypted but want to ensure that some kind of integrity protection is in place.
Comments (3)
-
reporter -
reporter - changed status to resolved
e4828d7 addressed this with an option on JwtConsumerBuilder/JwtConsumer to require that the JWT have some integrity protection, either a signature/MAC JWS or a JWE using a symmetric key management algorithm.
-
reporter - changed status to closed
released with jose4j-0.6.4
- Log in to comment