You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The docs state here that the library "verifies that the given ID token is valid using the cached public keys.".
My interpretation of this is, that the token signature validity is checked using a given public key. When i look at the implementation i can't see any code related to signature verification. Am i missing something, or is it correct that this library is not doing signature verification?
The text was updated successfully, but these errors were encountered:
The docs state here that the library "verifies that the given ID token is valid using the cached public keys.".
My interpretation of this is, that the token signature validity is checked using a given public key. When i look at the implementation i can't see any code related to signature verification. Am i missing something, or is it correct that this library is not doing signature verification?
The text was updated successfully, but these errors were encountered: