Signature Notification missleading

Question

Signature Notification missleading

Closed this issue 5 years ago · 4 comments

I had the case, where i found the right key of an JWT-Token. I wanted to verify it with this plugin. But since my system time was before the iat, the token was shown as followed:

It would be helpfull to visualize when a signature was correctly formed/tested. Since other users would get a similar effect when verifying against an expired token. The information of an unmet claim is helpful, but not as important as being able to build correct signatures. From a user point of view it is unclear if the information beneath the red "warning" is extra information or the reason for the red warning. I suggest either to do the coloring only on the Signature/Key part and without the claim testing (Since claims are shown in the bottom corner) or color it like a traffic light and use yellow when a claim is missing but the signature could be verified.

Answer 1 · 2019-08-09T06:21:17.000Z

Hi Tobi
Good input, the red button should be clearer. In this case yellow and more detailed information seems sensible. On my todo list.
Cheers

Answer 2 · 2019-08-09T08:35:44.000Z

I could give it a shot the next two days if you don't mind?

Answer 3 · 2019-08-09T08:36:57.000Z

Pull requests are welcome!

Answer 4 · 2019-08-09T13:45:11.000Z

https://github.com/mvetsch/JWT4B/releases/tag/1.8