pub fn default_allowed_algorithms() -> Vec<Algorithm>Expand description
Default allowed algorithms for OAuth 2.1 — asymmetric only.
HMAC algorithms (HS256/HS384/HS512) are excluded to prevent algorithm confusion attacks where the attacker uses the server’s public key as an HMAC secret.