mikyll commented on PR #11282: URL: https://github.com/apache/apisix/pull/11282#issuecomment-2366776386
@shreemaan-abhishek I've done the rebase with master, and I also left a reply to your comment. Possible enhancements for that `get_real_payload()` concern, that come to my mind are: - (simplest one) **revert the changes to the public API** and make a test case for the `key_claim_name` scenario that just uses a hardcoded token, without generating it with the public API; - prevent the usage of `exp` and `nbf` claims as values for the `key_claim_name` **query parameter in the public API** (e.g. calls to `apisix_host:9180/apisix/plugin/jwt/sign?key=custom-user-key&key_claim_name=exp` would return an error); -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
