Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: update both enc and sign algorithms on the server #326

Closed
yuriyz opened this issue Jul 9, 2021 · 6 comments
Closed

Feat: update both enc and sign algorithms on the server #326

yuriyz opened this issue Jul 9, 2021 · 6 comments
Labels
comp-jans-auth-server Component affected by issue or PR effort-13 Relative effort required for completion of issue or PR kind-enhancement Issue or PR is an enhancement to an existing functionality kind-feature Issue or PR is a new feature request triaged Issue or PR is fully triaged
Milestone
1.1.0

Comments

@yuriyz
Copy link
Contributor

yuriyz commented Jul 9, 2021

Describe the issue

Feat: update both enc and sign algorithms on the server

<style type="text/css"></style>
authorization_encryption_alg_values_supported RSA1_5,RSA-OAEP,RSA-OEAP-256,ECDH-ES,ECDH-ES+A128KW,ECDH-ES+A192KW,ECDH-ES+A256KW,A128KW,A192KW,A256KW,dir,A128GCMKW,A192GCMKW,A256GCMKW,PBES2-HS256+A128KW,PBES2-HS384+A192KW,PBES2-HS512+A256KW
authorization_encryption_enc_values_supported A128CBC-HS256,A192CBC-HS384,A256CBC-HS512,A128GCM,A192GCM,A256GCM
authorization_signing_alg_values_supported PS384,RS384,HS256,HS512,RS256,HS384,PS256,PS512,RS512
backchannel_authentication_request_signing_alg_values_supported RS256,RS384,RS512,PS256,PS384,PS512,ES256,ES384,ES512,ES256K,EdDSA
dpop_signing_alg_values_supported RS256,RS384,RS512,PS256,PS384,PS512,ES256,ES384,ES512,ES256K,EdDSA
id_token_encryption_alg_values_supported RSA1_5,RSA-OAEP,RSA-OEAP-256,ECDH-ES,ECDH-ES+A128KW,ECDH-ES+A192KW,ECDH-ES+A256KW,A128KW,A192KW,A256KW,dir,A128GCMKW,A192GCMKW,A256GCMKW,PBES2-HS256+A128KW,PBES2-HS384+A192KW,PBES2-HS512+A256KW
id_token_encryption_enc_values_supported A128CBC-HS256,A192CBC-HS384,A256CBC-HS512,A128GCM,A192GCM,A256GCM
id_token_signing_alg_values_supported PS384,RS384,HS256,HS512,RS256,HS384,PS256,PS512,RS512
introspection_endpoint_auth_signing_alg_values_supported HS256,HS384,HS512,RS256,RS384,RS512,PS256,PS384,PS512,ES256,ES384,ES512,ES256K,EdDSA
request_object_encryption_alg_values_supported A192GCMKW,RSA-OAEP,dir,A192KW,A128GCMKW,PBES2-HS256+A128KW,PBES2-HS384+A192KW,RSA-OEAP-256,A128KW,A256GCMKW,A256KW,RSA1_5,PBES2-HS512+A256KW
request_object_encryption_enc_values_supported A128CBC-HS256,A192CBC-HS384,A256CBC-HS512,A128GCM,A192GCM,A256GCM
request_object_signing_alg_values_supported HS256,HS384,HS512,RS256,RS384,RS512,PS256,PS384,PS512,ES256,ES384,ES512,ES256K,EdDSA
revocation_endpoint_auth_signing_alg_values_supported HS256,HS384,HS512,RS256,RS384,RS512,PS256,PS384,PS512,ES256,ES384,ES512,ES256K,EdDSA
token_endpoint_auth_signing_alg_values_supported HS256,HS384,HS512,RS256,RS384,RS512,PS256,PS384,PS512,ES256,ES384,ES512,ES256K,EdDSA
userinfo_encryption_alg_values_supported RSA1_5,RSA-OAEP,RSA-OEAP-256,ECDH-ES,ECDH-ES+A128KW,ECDH-ES+A192KW,ECDH-ES+A256KW,A128KW,A192KW,A256KW,dir,A128GCMKW,A192GCMKW,A256GCMKW,PBES2-HS256+A128KW,PBES2-HS384+A192KW,PBES2-HS512+A256KW
userinfo_encryption_enc_values_supported A128CBC-HS256,A192CBC-HS384,A256CBC-HS512,A128GCM,A192GCM,A256GCM
userinfo_signing_alg_values_supported PS384,RS384,HS256,HS512,RS256,HS384,none,PS256,PS512,RS512
@smansoft
Copy link
Contributor

@shmorri
Why this Issue marked as "to be assigned"?

This issue has this PR:

https://github.com/JanssenProject/jans-auth-server/pull/210

and some additional branches (without PRs yet):

https://github.com/JanssenProject/jans-auth-server/tree/sergey_010
https://github.com/JanssenProject/jans-setup/tree/sergey_010
.

Thanks.

@ossdhaval ossdhaval transferred this issue from another repository Jan 13, 2022
@ossdhaval ossdhaval added comp-jans-auth-server Component affected by issue or PR effort-13 Relative effort required for completion of issue or PR kind-enhancement Issue or PR is an enhancement to an existing functionality kind-feature Issue or PR is a new feature request triaged Issue or PR is fully triaged labels Jan 13, 2022
smansoft added a commit that referenced this issue Jan 22, 2022
@smansoft
feat: extending crypto support, sub pr4, fixes; #142/#326;
5bad0a5
smansoft added a commit that referenced this issue Jan 24, 2022
@smansoft
feat: extending crypto support, sub pr4, eddsa_signer has been added; #…
f96d66c 
…142/#326;
smansoft added a commit that referenced this issue Jan 25, 2022
@smansoft
fix: jans-auth-server: extending crypto support, sub pr4; fixes; #142/#…
4d7f574 
…326;
smansoft added a commit that referenced this issue Jan 25, 2022
@smansoft
fix: jans-auth-server: extending crypto support, sub pr4; fixes; #142/#…
2742575 
…326;
yuriyz pushed a commit that referenced this issue Jan 26, 2022
@smansoft
feat(jans-auth-server): extending crypto support sub pr4 (#670)
fe07d76 
* feat: extending crypto support, sub pr4; #142;

* feat: extending crypto support, sub pr4, fixes; #142/#326;

* feat: extending crypto support, sub pr4, eddsa_signer has been added; #142/#326;

* fix: jans-auth-server: extending crypto support, sub pr4; fixes; #142/#326;

* fix: jans-auth-server: extending crypto support, sub pr4; fixes; #142/#326;

* feat: jans-auth-server: temp commit for sonar; fixes #365;

* feat: jans-auth-server: temp commit for sonar; fixes #365;

* feat: jans-auth-server: fix sonar warns; #365;

* feat: jans-auth-server: temp commit for sonar; fixes #365;

* feat: jans-auth-server: temp commit for sonar; fixes #365;

* feat: jans-auth-server: temp commit for sonar; fixes #365;

* feat: jans-auth-server: temp commit for sonar; fixes #365;

* feat: jans-auth-server: temp commit for sonar; fixes #365;
@moabu moabu added this to the 1.0.1 milestone Jun 15, 2022
@moabu moabu modified the milestones: 1.0.1, 1.0.2 Jul 8, 2022
@moabu moabu modified the milestones: 1.0.2, 1.0.3 Aug 30, 2022
@moabu moabu modified the milestones: 1.0.3, 1.0.4 Nov 3, 2022
@moabu moabu modified the milestones: 1.0.4, 1.0.5 Nov 14, 2022
@moabu moabu modified the milestones: 1.0.5, 1.0.6 Dec 1, 2022
@moabu moabu modified the milestones: 1.0.6, 1.0.7 Jan 9, 2023
@moabu moabu modified the milestones: 1.0.7, 1.0.8, 1.0.9 Mar 1, 2023
@moabu moabu modified the milestones: 1.0.9, 1.0.10 Mar 9, 2023
@moabu moabu modified the milestones: 1.0.10, 1.0.11 Mar 16, 2023
@moabu moabu modified the milestones: 1.0.11, 1.0.12 Apr 5, 2023
@moabu moabu modified the milestones: 1.0.12, 1.0.13 Apr 18, 2023
@moabu moabu modified the milestones: 1.0.13, 1.0.14 May 10, 2023
@moabu moabu modified the milestones: 1.0.14, 1.0.15 Jun 20, 2023
@moabu moabu modified the milestones: 1.0.15, 1.0.16 Jul 12, 2023
@moabu moabu modified the milestones: 1.0.16, 1.0.17 Aug 2, 2023
@moabu moabu modified the milestones: 1.0.17, 1.0.18 Sep 18, 2023
@moabu moabu modified the milestones: 1.0.18, 1.0.21 Nov 22, 2023
@ossdhaval
Copy link
Contributor

@yuriyz

I think this can be closed with all PRs from @smansoft now merged. Can confirm and close?

@moabu moabu modified the milestones: 1.0.21, 1.0.22 Dec 14, 2023
@moabu moabu modified the milestones: 1.0.22, 1.0.23 Feb 1, 2024
@yuriyz
Copy link
Contributor Author

yuriyz commented Feb 8, 2024

@ossdhaval can you point me to merged PRs ? I see only big PRs which were not merged because of abnormal size and many refactoring changes. We can't merge such PRs.

@ossdhaval
Copy link
Contributor

@yuriyz Maybe I was wrong in thinking all PRs have been merged. I added this comment 2 months back and now I don't remember what it was based on 😕

Anyway, @smansoft did a lot of work but unfortunately, the PRs were not of reviewable size. I can see that he also attempted to break it down to smaller PRs. Based on my search, the complete work is spread across below PRs:

https://github.com/JanssenProject/jans-auth-server/pull/210 - Full work is in this PR I believe. Too bit to review.
#383 - This seems to be a small PR, 7 changed files. Can this be reviewed and merged independently?
#385 - This seems to be a small PR, 7 changed files. Can this be reviewed and merged independently?
#669 - Merged already
#670 - Merged already

Do you think we can find a way forward from here?

@yuriyz
Copy link
Contributor Author

yuriyz commented Feb 9, 2024

383 and 385 are setup changes only. I don't see PRs to AS side for such changes. We can't change setup and declare something is supported if it is not supported. I guess main changes are in that big 210 PR. I'm closing 383 and 385 PRs for now. Also since 210 is not in reviewable state I think we can close this ticket even if it is not done. And open specific ticket for exact algorithm(s) that we think are useful for AS and which must be added. It will keep scope narrow and will not lead to huge PRs.

@yuriyz yuriyz closed this as completed Feb 9, 2024
@ossdhaval
Copy link
Contributor

@yuriyz Thank you for your actions on these issues. 🤝

About exact algorithm(s) that we think are useful for AS and which must be added.

You are the best judge here I believe. Can you please list out algorithms that you think should be our priority? I'll create issues for only those. Once these new issues are in place, I'll close JanssenProject/jans-auth-server#210

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
comp-jans-auth-server Component affected by issue or PR effort-13 Relative effort required for completion of issue or PR kind-enhancement Issue or PR is an enhancement to an existing functionality kind-feature Issue or PR is a new feature request triaged Issue or PR is fully triaged
Projects
None yet
Milestone
1.1.0
Development

No branches or pull requests
4 participants
@ossdhaval @yuriyz @smansoft @moabu