We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The spec describes that if no _sd_alg property is present at the top-level, a default value of sha-256 MUST be used.
_sd_alg
sha-256
So I think we need to tweak the checkHasher method to use this as value to compare against the algorithm.
checkHasher
If the _sd_alg claim is not present at the top level, a default value of sha-256 MUST be used.
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-06#name-hash-function-claim
The text was updated successfully, but these errors were encountered:
Might also be nice to add a sdAlg getter on the Sd JWt to get the property value, or the default if not defined
sdAlg
Sorry, something went wrong.
No branches or pull requests
The spec describes that if no
_sd_alg
property is present at the top-level, a default value ofsha-256
MUST be used.So I think we need to tweak the
checkHasher
method to use this as value to compare against the algorithm.https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-06#name-hash-function-claim
The text was updated successfully, but these errors were encountered: