Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow to use a proc to fetch public cert instead of a static url #7

Open
namiwang opened this issue Mar 8, 2022 · 1 comment
Open

allow to use a proc to fetch public cert instead of a static url #7

namiwang opened this issue Mar 8, 2022 · 1 comment
Assignees
@Jack12816
Labels
Backend Work related to the Backend Team

Comments

@namiwang
Copy link

namiwang commented Mar 8, 2022

So some providers (e.g. google/firebase) is using a JSON file to expose multiple x509 public keys instead of one plain file.
@Jack12816 Jack12816 self-assigned this Jan 18, 2023
@Jack12816 Jack12816 added the Backend Work related to the Backend Team label Jan 18, 2023
@Jack12816
Copy link
Member

In this case, you should implement a custom authenticator proc which also fetches the RSA public keys and caches them respectively. I'm unsure how you determine which RSA key to use for verification for which runtime JWT. But if there is no way to detect it properly, you could probe each one until you find a valid combination.

This functionality could be interesting for others I guess. I will keep this issue open as a feature request. But it is doable with the library and custom code right now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Jack12816 Jack12816

Labels
Backend Work related to the Backend Team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@namiwang @Jack12816