jose v0.2.2 Release Notes
Release Date: 2015-01-07 // over 9 years ago-
- ๐ RFC compliance fixes (patch contributed by jaimeperez)
Important: This change introduces a temporarily injected key (__v) in order to distinguish between legacy and newly issued tokens. This allows for the use of either token as to not break backwards compatibility and (possibly) ๐ degrade user experience. This will be removed for v1.0.
In order to verify whether or not clients are using a legacy token, the application code can verify whether or not the key "__v" is contained in the headers (this can be done after deserialize_compact). The existence of the key identifies a newly created token.