Ghost

mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-23 19:02:29 +03:00

History

Naz 9756094ae2 🐛 Fixed signing key mismatching in JWT/JWKS refs https://github.com/TryGhost/Team/issues/1640 closes https://github.com/TryGhost/Members/pull/401/ refs https://forum.ghost.org/t/ghost-jwt-question-possible-bug/30210 - Without `keyid` parameter some of the clien libraries were not able to match the signin key to verify JWT - Missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client. - The `kid` parameter was left in claims to avoid accidental breaking changes.		2022-05-23 18:45:08 +08:00
..
lib	🐛 Fixed signing key mismatching in JWT/JWKS	2022-05-23 18:45:08 +08:00
test	Added test coverage for JWKS token verification	2022-05-23 17:59:33 +08:00
.eslintrc.js	Removed trailing commas from .eslintrc.js	2021-07-14 12:04:46 +01:00
.gitignore	Refactor members-api (#231 )	2021-01-18 13:55:40 +00:00
index.js	Fixed index.js require	2021-07-15 18:06:45 +01:00
package.json	Added test coverage for JWKS token verification	2022-05-23 17:59:33 +08:00