Absence-safe/tolerant access to JWT claims

Open daniels220 opened this issue 10 months ago • 0 comments

When accessing the claims of a JWT—especially the "registered claims" that have accessors defined on `JWTClaimSet`—I personally expect the JavaScript/JSON convention of "accessing an undefined field is not an error, it just returns `undefined`" (or `nil` is the best we can do in Smalltalk). It's inconvenient, and really pretty much defeats the purpose of being able to ask `claims audiences`, if this may throw an error, forcing me to use `claims at: 'aud' ifAbsent: []`.

I would have been inclined, when designing a library, to make this access "tolerant" by default, but for backwards-compatibility that may not be a good idea now. However I would appreciate at least adding a flag on the claim set that makes it tolerant, by making `at: key` send `at: key ifAbsent: []` to the dictionary.

Any suggestions on the names of the two modes? "Strict" I think is good for the current behavior. `ZnCharacterEncoder` uses `beLenient` for something analogous (mapping invalid bytes to themselves rather than throwing an error), "tolerant" and "loose" also occur to me but I think I'll go with "lenient" unless you have a better idea. I'll put together a PR soon.

daniels220, Mar 24 '25 20:03