nov/json-jwt

Support JWS Payloads that are not JSON

radamson opened this issue · 2 comments

Thanks for all the hard work on this project!

Currently json-jwt appears to only support JWS payloads which are valid JSON objects and trying to decode a JWS with a payload that is not a valid JSON object throws an exception.

e.g.

require "json/jwt"

token = "eyJ6a..." # Truncated for readability. Encoded payload is not a valid JSON object.

decoded_token = JSON::JWT.decode token, :skip_verification

Throws json-jwt-1.13.0/lib/json/jose.rb:68:in `rescue in decode': Invalid JSON Format (JSON::JWT::InvalidFormat). This exception seems to be thrown when rescuing a JSON::ParserError which originates here:

claims = JSON.parse(claims).with_indifferent_access

The JWS RFC defines the JWS Payload as:

The sequence of octets to be secured -- a.k.a. the message. The payload can contain an arbitrary sequence of octets.

and the example in Section 3.3 says that

(Note that the payload can be any content and need not be a representation of a JSON object.)

Any thoughts on this or the feasibility of supporting JWS payloads of any type?

Any updates on this?

nov commented

I don't have any plans to support this pattern now.
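
An added example, not part of the issue thread and not json-jwt code: one way to verify a JWS in compact serialization whose payload is arbitrary octets, using only Ruby's standard library. The helper names, the HS256-only policy, the demo key and the sample token are assumptions constructed for this sketch.

```ruby
require "json"
require "openssl"

# Hypothetical helpers (not json-jwt API): unpadded base64url as used by JWS.
def b64url_encode(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

def b64url_decode(str)
  padded = str.tr("-_", "+/")
  padded += "=" * ((4 - padded.length % 4) % 4)
  padded.unpack1("m0") # strict: raises ArgumentError on malformed input
end

# Verify an HS256 JWS (compact serialization) and return the payload as raw
# octets. Only the header is parsed as JSON; the payload is never parsed.
def verify_jws_octets(token, key)
  parts = token.split(".", -1)
  raise ArgumentError, "expected three segments" unless parts.length == 3
  header_b64, payload_b64, sig_b64 = parts

  header = JSON.parse(b64url_decode(header_b64))
  # Pin the expected algorithm instead of trusting whatever the token claims.
  unless header.is_a?(Hash) && header["alg"] == "HS256"
    raise ArgumentError, "unsupported alg"
  end

  signing_input = "#{header_b64}.#{payload_b64}"
  expected = OpenSSL::HMAC.digest(OpenSSL::Digest.new("SHA256"), key, signing_input)
  unless OpenSSL.secure_compare(expected, b64url_decode(sig_b64))
    raise ArgumentError, "signature mismatch"
  end

  b64url_decode(payload_b64) # binary String, returned only after verification
end

# Constructed sample: sign a plain-text payload so the block runs offline.
def sign_hs256(payload, key)
  input = "#{b64url_encode(JSON.generate("alg" => "HS256"))}.#{b64url_encode(payload)}"
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest.new("SHA256"), key, input)
  "#{input}.#{b64url_encode(mac)}"
end

DEMO_KEY = "constructed-demo-key"
DEMO_TOKEN = sign_hs256("plain text, not a JSON object", DEMO_KEY)
puts verify_jws_octets(DEMO_TOKEN, DEMO_KEY)
```

The returned string is binary; callers decide how to interpret it (text, CBOR, a nested token) only after the signature check has passed.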