From 0db2f42ba9b22574855de11c4c017c9c0379dbaf Mon Sep 17 00:00:00 2001
From: bt-nia <74181389+bt-nia@users.noreply.github.com>
Date: Fri, 21 Jun 2024 15:18:14 +0000
Subject: [PATCH] adjust documentation

---
 parser.go | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/parser.go b/parser.go
index ecf99af..ff5c886 100644
--- a/parser.go
+++ b/parser.go
@@ -215,13 +215,13 @@ func (p *Parser) DecodeSegment(seg string) ([]byte, error) {
 	return encoding.DecodeString(seg)
 }
 
-// Parse parses, validates, verifies the signature and returns the parsed token.
-// keyFunc will receive the parsed token and should return the cryptographic key
-// for verifying the signature. The caller is strongly encouraged to set the
-// WithValidMethods option to validate the 'alg' claim in the token matches the
-// expected algorithm. For more details about the importance of validating the
-// 'alg' claim, see
-// https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
+// Parse parses, validates, verifies the signature, and returns the parsed token. 
+// When a keyFunc is set and a tokenString is provided, the library will not accept 
+// the 'none' type algorithm, ensuring security by default. However, it is strongly 
+// recommended to explicitly specify the allowed algorithms using the WithValidMethods 
+// option to ensure the 'none' type algorithm is definitively rejected. For more 
+// information on the importance of validating the 'alg' claim, see 
+// https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/.
 func Parse(tokenString string, keyFunc Keyfunc, options ...ParserOption) (*Token, error) {
 	return NewParser(options...).Parse(tokenString, keyFunc)
 }