Merge pull request #65 from auth0/4.x.x-dev

allow to configure the algorithm supported for token verification
auth0 · Jan 27, 2017 · 835a267 · 835a267
2 parents 8569156 + 924fe4b
commit 835a267
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/src/Auth0/Login/Auth0Service.php b/src/Auth0/Login/Auth0Service.php
@@ -131,6 +131,7 @@ public function decodeJWT($encUser)
 
         $verifier = new JWTVerifier([
             'valid_audiences' => [config('laravel-auth0.client_id'), config('laravel-auth0.api_identifier')],
+            'suported_algs' => config('laravel-auth0.supported_algs', ['HS256']),
             'client_secret' => config('laravel-auth0.client_secret'),
             'authorized_iss' => config('laravel-auth0.authorized_issuers'),
             'secret_base64_encoded' => $secret_base64_encoded,

diff --git a/src/config/config.php b/src/config/config.php
@@ -81,4 +81,13 @@
     */
     // 'secret_base64_encoded'  => true,
 
+    /*
+    |--------------------------------------------------------------------------
+    |   Supported algs by your API
+    |--------------------------------------------------------------------------
+    |   Algs supported by your API
+    |
+    */
+    // 'suported_algs'        => ['HS256'],
+
 );