We currently implement a scenario where generate a token in node.js javascript with jwt . We use RS512 with certificates for token generation. The token has an expiration limit. Sign and verify work perfect if we use the node.js implementation only.
In addition we run a golang server where we want to use the same token for access control. Means the golang implementation has just to do the token verification. We tried a number of golang libs, recommended on jwt.io. None of them was able to handle a valid token in the expected manner so far. Or they do not support exp or they do not support RS512. The furthest we got was hitting a "crypto/rsa: verification error" when using
github.com/dvsekhvalnov/jose2go
payload, headers, err := jose.Decode(token,sharedKey)
Any are ideas welcome.