Skip to content

v5.5.0

Compare
Choose a tag to compare
@bshaffer bshaffer released this 04 Nov 16:28
cf81444

!!IMPORTANT!!

The recommended usage of this library has changed.
A Key object should now be used as the second argument to JWT::decode instead of using the
allowed_algs array. This will prevent key/algorithm type confusion:

// Previous way to call "decode"
Firebase\JWT\JWT::decode($jwt, $publicKey, ['RS256']);

// New (safer) way to call "decode"
$key = new Firebase\JWT\Key($publicKey, 'RS256');
Firebase\JWT\JWT::decode($jwt, $key);

Please see #351 for more information on the issue, and #365 for the merged changes.
The README has also been updated to reflect the new usage.