44
55### The generated JWT token can be decoded, is this correct and secure?
66
7- This is the expected behaviour . While the integrity of tokens is ensured by the generated/verified hash,
7+ This is the expected behavior . While the integrity of tokens is ensured by the generated/verified hash,
88the contents of the token are only ** encoded and not encrypted** . This means you can be sure the token
99has not been modified by an unauthorized party, but you should not store confidential information in it.
1010Anyone with access to the token can read all the claims you put into it. They can however not modify
@@ -26,7 +26,7 @@ Here are a few links for your convenience:
2626### Can this library encrypt/decrypt claims?
2727
2828No it does not, see [ #115 ] ( https://github.com/Thalhammer/jwt-cpp/issues/115 ) for more details.
29- More importantly you probably dont want to be using JWTs for anything sensitive. Read [ this] ( https://stackoverflow.com/a/43497242/8480874 )
29+ More importantly you probably don't want to be using JWTs for anything sensitive. Read [ this] ( https://stackoverflow.com/a/43497242/8480874 )
3030for more.
3131
3232### Why are my tokens immediately expired?
@@ -53,8 +53,8 @@ That should result in the token being rejected. For more details checkout [#194]
5353This was brought up in [#212](https://github.com/Thalhammer/jwt-cpp/issues/212#issuecomment-1054344192) and
5454[#101](https://github.com/Thalhammer/jwt-cpp/issues/101) as it's an excellent question.
5555
56- It simply was not required to handle the required keys in JWTs for signing or verification. All the the mandatory keys are numeric,
57- string or array types which required type definitions and access.
56+ It simply was not required to handle the required keys in JWTs for signing or verification. All the the mandatory keys
57+ are numeric, string or array types which required type definitions and access.
5858
5959The alternative is to use the `to_json()` method and use the libraries own APIs to pick the data type you need.
6060
@@ -63,13 +63,16 @@ The alternative is to use the `to_json()` method and use the libraries own APIs
6363### Missing \_HMAC and \_EVP_sha256 symbols on Mac
6464
6565There seems to exists a problem with the included openssl library of MacOS. Make sure you link to one provided by brew.
66- See [here ](https://github.com/Thalhammer/jwt-cpp/issues/6) for more details.
66+ See [#6 ](https://github.com/Thalhammer/jwt-cpp/issues/6) for more details.
6767
6868### Building on windows fails with syntax errors
6969
70- The header `<Windows.h>`, which is often included in windowsprojects, defines macros for MIN and MAX which screw up std::numeric_limits.
71- See [here](https://github.com/Thalhammer/jwt-cpp/issues/5) for more details. To fix this do one of the following things:
70+ The header `<Windows.h>`, which is often included in Windows projects, defines macros for MIN and MAX which conflicts
71+ with `std::numeric_limits`. See [#5](https://github.com/Thalhammer/jwt-cpp/issues/5) for more details or
72+ [this StackOverflow thread](https://stackoverflow.com/questions/13416418/define-nominmax-using-stdmin-max).
7273
73- * define NOMINMAX, which suppresses this behaviour
74- * include this library before you include windows.h
74+ To fix this do one of the following things:
75+
76+ * define `NOMINMAX`, which suppresses this behavior
77+ * include this library before you `#include <Windows.h>`
7578* place `#undef max` and `#undef min` before you include this library
0 commit comments