Add a bit about validation

2015-11-03 18:38:41 +00:00 · 2015-11-03 18:38:41 +00:00 · 4c6fa49450
parent fb229e1425
commit 4c6fa49450
1 changed files with 4 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -40,6 +40,10 @@ In addition to the normal base64/json decoding errors, `decode` can return two c
 - **InvalidSignature**: if the signature doesn't match
 - **WrongAlgorithmHeader**: if the alg in the header doesn't match the one given to decode

+### Validation
+Right now, the library only validates the algorithm type used but does not verify claims such as expiration.
+Feel free to add a `validate` method to your claims struct to handle that.
+
 ## Algorithms
 Right now, only SHA family is supported: SHA256, SHA384 and SHA512.