@@ -180,6 +180,21 @@ try {
180180
181181If a Claim couldn't be converted to JSON or the Key used in the signing process was invalid a ` JWTCreationException ` will raise.
182182
183+ NOTE: Each token has a NoneAlgorithm boolean value which is set to False by default unless set explicitly.
184+
185+ ``` java
186+ GoogleJwtCreator . build(). setIsNoneAlgorithmAllowed(true )
187+ ```
188+
189+ If the none algorithm property is set to true as done above, the following error will be thrown when algorithm 'none' is used:
190+ "None algorithm isn't allowed".
191+
192+ ### Serializing a token
193+
194+ When signing, you can encode via a 16-byte, 32-byte, the standard 64-byte, and a JSON encoding.
195+ When you call the method standard ` sign() ` as in the example above, the token is 64-byte encoded.
196+ To encode via a 16-byte, call ` signBase16Encoding() ` , via a 32-byte, call ` signBase32Encoding() ` , and
197+ via a JSON encoding, call ` signJSONEncoding() ` .
183198
184199### Verify a Token
185200
@@ -220,6 +235,13 @@ verifyClaims(claims, exp);
220235If the token has a Claim requirement that has not been met, an ` InvalidClaimException ` will raise.
221236If the token has an invalid signature, an ` AlgorithmMismatchException ` will raise.
222237
238+ ### Deserializing a token
239+
240+ In order to recover the DecodedJWT after signing, you need to decode with the appropriate decode method
241+ corresponding to the appropriate encode method. For the standard 64-byte encoding, to recover the DecodedJWT,
242+ you call ` decode() ` as in the example above. When you encode via 16-bytes, you call ` decode16Bytes() ` ,
243+ via 32-bytes, call ` decode32Bytes() ` , and via a JSON encoding, call ` decodeJSON() ` .
244+
223245#### Time Validation
224246
225247The JWT token may include DateNumber fields that can be used to validate that:
0 commit comments