This repository has been archived by the owner on Feb 25, 2019. It is now read-only.
Manual Multi-signature JWT verification #11
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Current behaviour when calling
JWT.verify({ serialized: token, jwk: '...' })-- where the caller provides the public JWK for signature verification -- is that only one key may be provided.This problem is only for the case where the caller is passing in the JWKs for signature verification. The default behaviour of using the JWKSet Cache to look up keys etc. will still look up all necessary keys and verify all signatures as expected.
The text was updated successfully, but these errors were encountered: