From 4f621ae0f080b7142b809664c5daa15a5b387e01 Mon Sep 17 00:00:00 2001 From: Mattt Zmuda Date: Fri, 13 Dec 2024 05:12:07 -0800 Subject: [PATCH] Update Parse example to use WithValidMethods --- hmac_example_test.go | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/hmac_example_test.go b/hmac_example_test.go index 1b1edf4..f8f8c26 100644 --- a/hmac_example_test.go +++ b/hmac_example_test.go @@ -49,14 +49,9 @@ func ExampleParse_hmac() { // head of the token to identify which key to use, but the parsed token (head and claims) is provided // to the callback, providing flexibility. token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { - // Don't forget to validate the alg is what you expect: - if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) - } - // hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key") return hmacSampleSecret, nil - }) + }, jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()})) if err != nil { log.Fatal(err) }