-
Notifications
You must be signed in to change notification settings - Fork 111
Parse token error ignored #73
Comments
@stevesloka
i focused the result of decoding Header of idToken in TestParseToken idToken in testcode:
I wonder which "alg" I should choose. |
@u5surf yeah that's what I ran into when I found this bug. I'm not 100% sure how to make the library parse correctly. If you look at this second example, I think we can remove the check for the signature and the token will show up as 'invalid'. See (https://godoc.org/github.com/dgrijalva/jwt-go#Parse) under the example |
@stevesloka I chached checking rules following ErrorChecking of https://godoc.org/github.com/dgrijalva/jwt-go#Parse |
Also correct the JWT signatures in the now failing handler tests.
Currently, the parse token method (https://github.com/heptiolabs/gangway/blob/master/cmd/gangway/handlers.go#L190) which takes an
id_token
and processes swallows the returned error.Need to look into how to properly handle this error and not ignore. For exampe, if you pass a token
foo
it won't return an error.The text was updated successfully, but these errors were encountered: