Skip to content

fix: use JWTPublicKey for ECDSA token parsing#487

Merged
lakhansamani merged 1 commit intomainfrom
fix/ecdsa-jwt-public-key
Mar 1, 2026
Merged

fix: use JWTPublicKey for ECDSA token parsing#487
lakhansamani merged 1 commit intomainfrom
fix/ecdsa-jwt-public-key

Conversation

@lakhansamani
Copy link
Contributor

@lakhansamani lakhansamani commented Mar 1, 2026

Summary

  • Fixed ECDSA (ES256/ES384/ES512) token parsing to use JWTPublicKey instead of JWTSecret
  • Signing correctly used JWTPrivateKey but parsing was incorrectly using JWTSecret

Test plan

  • Verify ECDSA token signing and parsing works correctly
  • Run existing JWT tests

Fixes #476

@lakhansamani
fix: use JWTPublicKey for ECDSA token parsing
796ecdc 
The ParseJWTToken function incorrectly used JWTSecret instead of
JWTPublicKey for ECDSA (ES256/ES384/ES512) token validation.

Fixes #476
@lakhansamani lakhansamani merged commit fca7aed into main Mar 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

ECDSA JWT parsing uses JWTSecret instead of JWTPublicKey

1 participant

@lakhansamani