jmercan
/
dumb-jose
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity
Insecure library for an insecure format
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13 Commits
1 Branch
0 Tags
41 KiB
 
Tag: Branch: Tree: main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
Go to file
Aydin Mercan 89cb6ced09
continuous-integration/woodpecker the build was successful
Details
readme: add woodpecker badge 		2 years ago
.github/workflows ci/github: fix typo 2 years ago
internal/publickey internal/publickey: add eddsa tests 2 years ago
jwk internal/publickey: add eddsa tests 2 years ago
.woodpecker.yml ci: setup woodpecker 2 years ago
LICENSE initial commit 2 years ago
README.md readme: add woodpecker badge 2 years ago
go.mod mod: update dependency 2 years ago
go.sum mod: tidy dependencies 2 years ago

README.md

Dumb JOSE

treehouse-ci github-action

Insecure library for a set of insecure formats. It aims to provide inflexible verification for cases where you unfortunately can't avoid touching JWT.

Requirements

  • Go >= 1.17

Disclaimer

Don't use JWT. You don't need me to tell you about it. Likewise, you shouldn't need me to tell you that you shouldn't use this library.

Goals

  • Just enough JWT for people to speak commonly encountered OAuth 2.0 (esp. with OIDC) and alike.
  • Don't allow for any of the sharp edges.
  • Allow for binding domain parameters as much as possible to the public keys.
  • Extensive test coverage even if a particular case seems pedantic, guaranteed to be handled properly and/or improbable to be problematic.

Non-Goals

  • Signing capabilities.
  • Anything that has to do with encryption, key exchange or MACs.
  • Be 100% compliant with the standard.

License

This repository is licensed under the BSD-3-Clause. Refer to LICENSE for more information.