Improper Authentication

Summary

A critical Authentication Bypass vulnerability in fast-jwt's async key-resolver flow allows any unauthenticated attacker to forge arbitrary JWTs that are accepted as authentic. When the application's key resolver returns an empty string (''), for example via the common `keys[decoded.header.kid] || ''` JWKS-style fallback, fast-jwt converts it to a zero-length `Buffer`, hands it to `crypto.createSecretKey`, derives `allowedAlgorithms = ['HS256','HS384','HS512']` from it, and then verifies the token's signature against an empty-key HMAC. The attacker simply computes `HMAC-SHA256(key='', input='${header}.${payload}')`, which Node accepts without complaint -- and the verifier returns the attacker-chosen payload (sub, admin, scopes, etc.) as authentic. This issue affects fast-jwt versions prior to 6.2.4.