Free (Almost) JWT eBook (auth0.com)
5 points by kouzant on July 1, 2019 | hide | past | favorite | 1 comment



After reading the pitfalls and mitigations section, I'm starting to wonder why JWTs/JWEs/etc are even adopted despite these attacks demonstrated by many cryptographers mentioned in this book. Since JWTs allow for a choice of algorithms (algorithm agility) to sign/verify the tokens, it allows room for many developers to shoot themselves in the foot in securing these tokens, hence the multiple vulnerabilities documented in this book.

It's worth looking at better alternatives that are more cryptographically secure and have sane defaults than JWTs these days. I'd rather use either PASETO [0], Branca [1] or Fernet [2] Tokens at this point.

[0] https://paseto.io/

[1] https://branca.io/

[2] https://github.com/fernet/spec/



