include::../description.adoc[]

== Noncompliant Code Example

https://github.com/jwt-dotnet/jwt[jwt-dotnet] library:

----
var decodedtoken1 = decoder.Decode(token, secret, verify: false); // Noncompliant: signature should be verified

var decodedtoken2 = new JwtBuilder()
   .WithSecret(secret)
   .Decode(forgedtoken1); // Noncompliant: signature should be verified
----

== Compliant Solution

https://github.com/jwt-dotnet/jwt[jwt-dotnet] library:

----
var decodedtoken1 = decoder.Decode(forgedtoken1, secret, verify: true); // Compliant

var decodedtoken2 = new JwtBuilder()
   .WithSecret(secret)
   .MustVerifySignature()
   .Decode(token); // Compliant
----

include::../see.adoc[]

ifdef::rspecator-view[]
== Comments And Links
(visible only on this page)

include::comments-and-links.adoc[]
endif::rspecator-view[]