2021-11-02 07:43:52 +00:00
# Dumb JOSE
Insecure library for a set of insecure formats.
2021-11-02 09:11:23 +00:00
It aims to provide inflexible verification for cases where you unfortunately can't avoid touching JWT.
## Requirements
* Go *>= 1.17*
## Disclaimer
Don't use JWT. You don't need me to tell you about it.
Likewise, you shouldn't need me to tell you that you shouldn't use this library.
## Goals
* Just enough JWT for people to speak commonly encountered OAuth 2.0 and alike.
* Don't allow for any of the sharp edges.
* Allow for binding domain parameters as much as possible to the public keys.
2021-11-03 17:41:03 +00:00
* Extensive test coverage even if a particular case seems pedantic, guaranteed to be handled properly and/or improbable to be problematic.
2021-11-02 09:11:23 +00:00
## Non-Goals
* Signing capabilities.
* Anything that has to do with encryption or key exchange.
* Be 100% compliant with the standard.
2021-11-02 07:43:52 +00:00
## License
2021-11-02 09:11:23 +00:00
This repository is licensed under the `BSD-3-Clause` . Refer to [LICENSE ](https://github.com/aydinmercan/dumb-jose/blob/main/LICENSE ) for more information.