Validation
struct Validation
Contains the various validations that are applied after decoding a JWT.
Which claims are required to be present before starting the validation.
Which claims are required to be present before starting the validation.
Which claims are required to be present before starting the validation.
NOTE: This does not interact with the various validate_*. If you remove exp from that list, you still need
to set validate_exp to false.
The only value that will be used are "exp", "nbf", "aud", "iss", "sub". Anything else will be ignored.
Add some leeway (in seconds) to the exp and nbf validation to
account for clock skew.
Add some leeway (in seconds) to the exp and nbf validation to
account for clock skew.
Add some leeway (in seconds) to the exp and nbf validation to
account for clock skew.
Reject a token some time (in seconds) before the exp to prevent
expiration in transit over the network.
Reject a token some time (in seconds) before the exp to prevent
expiration in transit over the network.
Reject a token some time (in seconds) before the exp to prevent
expiration in transit over the network.
The value is the inverse of leeway, subtracting from the validation time.
Whether to validate the exp field.
Whether to validate the exp field.
Whether to validate the exp field.
It will throw an error if the time in the exp field is past.
Whether to validate the nbf field.
Whether to validate the nbf field.
Whether to validate the nbf field.
It will throw an error if the current timestamp is before the time in the nbf field.
Validation only happens if nbf claim is present in the token.
Adding nbf to required_spec_claims will make it required.
Validation will check that the aud field is a member of the
audience provided and will error otherwise.
Validation will check that the aud field is a member of the
audience provided and will error otherwise.
Validation will check that the aud field is a member of the
audience provided and will error otherwise.
Validation only happens if aud claim is present in the token.
Adding aud to required_spec_claims will make it required.
If it contains a value, the validation will check that the iss field is a member of the
iss provided and will error otherwise.
Use set_issuer to set it
If it contains a value, the validation will check that the iss field is a member of the
iss provided and will error otherwise.
Use set_issuer to set it
If it contains a value, the validation will check that the iss field is a member of the
iss provided and will error otherwise.
Use set_issuer to set it
Validation only happens if iss claim is present in the token.
Adding iss to required_spec_claims will make it required.
If it contains a value, the validation will check that the sub field is the same as the
one provided and will error otherwise.
If it contains a value, the validation will check that the sub field is the same as the
one provided and will error otherwise.
If it contains a value, the validation will check that the sub field is the same as the
one provided and will error otherwise.
Validation only happens if sub claim is present in the token.
Adding sub to required_spec_claims will make it required.
The validation will check that the alg of the header is contained
in the ones provided and will error otherwise. Will error if it is empty.
The validation will check that the alg of the header is contained
in the ones provided and will error otherwise. Will error if it is empty.
The validation will check that the alg of the header is contained
in the ones provided and will error otherwise. Will error if it is empty.
Whether to validate the JWT signature. Very insecure to turn that off
Whether to validate the JWT signature. Very insecure to turn that off
Whether to validate the JWT signature. Very insecure to turn that off