53 lines
1.0 KiB
Plaintext
53 lines
1.0 KiB
Plaintext
== Why is this an issue?
|
|
|
|
include::../description.adoc[]
|
|
|
|
=== Noncompliant code example
|
|
|
|
For https://github.com/jpadilla/pyjwt[pyjwt] module:
|
|
|
|
[source,python]
|
|
----
|
|
jwt.decode(token, verify = False) # Noncompliant
|
|
jwt.decode(token, key, options={"verify_signature": False}) # Noncompliant
|
|
----
|
|
For https://github.com/davedoesdev/python-jwt[python_jwt] module:
|
|
|
|
[source,python]
|
|
----
|
|
jwt.process_jwt(token) # Noncompliant
|
|
----
|
|
|
|
=== Compliant solution
|
|
|
|
For https://github.com/jpadilla/pyjwt[pyjwt] module:
|
|
|
|
[source,python]
|
|
----
|
|
jwt.decode(token, key, algo)
|
|
----
|
|
For https://github.com/davedoesdev/python-jwt[python_jwt] module:
|
|
|
|
[source,python]
|
|
----
|
|
jwt.process_jwt(token) # Compliant because followed by verify_jwt()
|
|
jwt.verify_jwt(token, key, algo)
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|