featurehelp wanted
仓库指标
- Star
- (34,843 star)
- PR 合并指标
- (平均合并 57天 13小时) (30 天内合并 62 个 PR)
描述
As detailed here, JWT verification functions should require specifying the algorithm that should have been used, in order to prevent an attacker from changing the algorithm to a symmetric algorithm from an asymmetric one and using the public key to sign the token. Probably low priority for this particular app, but it would be good to at least have the option.