Update Parse example to use WithValidMethods (#425)

golang-jwt · Jan 18, 2025 · c035977 · c035977
1 parent bc8bdca
commit c035977
Showing 1 changed file with 1 addition and 6 deletions.
diff --git a/hmac_example_test.go b/hmac_example_test.go
@@ -49,14 +49,9 @@ func ExampleParse_hmac() {
 	// head of the token to identify which key to use, but the parsed token (head and claims) is provided
 	// to the callback, providing flexibility.
 	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
-		// Don't forget to validate the alg is what you expect:
-		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
-			return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
-		}
-
 		// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
 		return hmacSampleSecret, nil
-	})
+	}, jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}))
 	if err != nil {
 		log.Fatal(err)
 	}