-
Notifications
You must be signed in to change notification settings - Fork 356
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
'aud' claim is not necessarily a string #114
Comments
Hi, we put a depreciation notice on The good news is we also introduced a new type: Lines 24 to 45 in c0ffb89
|
One other thing to point out, the RFC is vague, unfortuantely.
So we've added an option Lines 116 to 119 in 80625fb
|
Thanks @mfridman, that makes sense. We'll give Closing this as I have nothing to add. |
Hi. Was wiring things up in a service and noticed that
jwt.StandardClaims
assumesaud
is a string.According to the RFC https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3 this field can sometimes be a
string
. The way its written leads me to believe a[]string
is actually more common, but that's interpretation.The quick way I found around this was to use
jwt.MapClaims
and serialize + deserialize this into a custom struct. Could this be improved by transformingaud
into ainterface{}
and having a method onjwt.StandardClaims
like:Simple tests to verify it works at some level at least:
If
aud
is the only parameter that can be either astring
or a[]string
adding a new type might be a more pleasant experience:Is there already a way to deal with this in a typed fashion instead of dealing with the untyped
jwt.MapClaims
?The text was updated successfully, but these errors were encountered: