liquidz
fdaa2c60d1
see #13 add tests and update readme
2015-04-02 20:39:21 +09:00
liquidz
63f80fb453
see #13 add optional paramter that specifies algorithm to verify function
2015-04-02 07:38:32 +09:00
liquidz
d65835283b
#10 bugfix: public-key-from-string on invalid key string
2015-02-26 07:43:08 +09:00
liquidz
63244e4330
see #9 code refinement
2014-09-15 23:22:48 +09:00
liquidz
9da81ace39
see #9 Merge branch 'master' of https://github.com/ShaneKilkelly/clj-jwt into ShaneKilkelly-master
2014-09-15 23:17:17 +09:00
Shane Kilkelly
d07210c4d1
Validating an unsigned token with a key should be false.
...
If the token supplied to the `verify` function is has a signature which
is an empty-string, the key is ignored, presuming that the token is
unsigned and that the calling code is not interested in ensuring the
token has been signed.
If the calling code is trying to verify that the token was signed with
their secret key, it is possible for a completely unsigned token to be
accepted as valid.
This patch adds a check to ensure that if the token is unsigned, but a
non-empty key was supplied to `validate`, then the token is considered
to not be valid.
2014-09-13 17:23:53 +01:00
liquidz
78bc74cff3
#5 bug fix: handling string key problem
2014-06-19 21:54:25 +09:00
liquidz
c611871156
#5 bug fix for claims containing string key
2014-06-18 22:24:16 +09:00
liquidz
fc1ae52a92
see add clj-jwt.intdate which convert joda-time and IntDate value each other
2014-04-20 18:34:15 +09:00
liquidz
f6ee1dd2c6
update for clojure 1.6.0
2014-04-19 21:21:35 +09:00
liquidz
adbfeaa3c2
#2 fix :iat type in tests
2013-08-09 23:50:41 +09:00
liquidz
eefbad3d55
add key.public-key-from-string to get public key from String
2013-07-25 21:48:27 +09:00
liquidz
a17f6f3623
support ECDSA algorithm
2013-05-06 01:26:11 +09:00
liquidz
6bcc5e5ccd
rename namespace
2013-05-03 00:52:40 +09:00
liquidz
1fd4ad1569
add key tests
2013-05-03 00:47:25 +09:00
liquidz
6c5d5f3b88
add rsa.key tests. update base64 encode/decode functions
2013-05-01 23:56:20 +09:00
liquidz
64e928925b
add verify, update jwt.rsa.key to handle pass phrase
2013-05-01 09:42:50 +09:00
liquidz
b6c6a2403d
add str->jwt
2013-04-29 23:46:25 +09:00
liquidz
3a11c2cff5
first commit
2013-04-29 22:24:41 +09:00