Add alg RS256 support for JWT generator and validator. #281
Conversation
|
Since this change is not really trivial, I will go through the contributing process. I'm currently creating my accounts. |
|
@clems4ever this looks really good - let's get it into a committable state. I have added you to Apache Mesos as a contributor and assigned me as a shepherd to your improvement. |
|
Hello @tillt , thank you for having a look. Don't you need to merge the following PR to make me be a contributor: https://github.com/apache/mesos/pull/282/commits? |
|
@clems4ever I totally missed your second PR - sorry for that. Merged it now. |
|
@tillt , no pb, I will create a review in the review board now. Thanks. |
|
@clems4ever can we have tests as well? :) |
|
@tilt, what do you mean? There are tests in the commit already. |
|
@clems4ever and missed that as well :D - it was hidden due to its size (large diff). |
|
@tilt, yes, large diff because I refactored a bit and added as many tests as there are for HS256. :) |
|
@tilt, here you go: https://reviews.apache.org/r/66621/. |
|
Closing this PR since reviews are in the review board. |
Currently, the JWT library only support creating and validating HS256 tokens. I implemented the creation and validation of RS256 tokens.
The interface is accepting a shared pointer of RSA as input for RSA keys to be as generic as possible but I also provide helper functions to convert PEM representation of keys into RSA keys so that it is easy to read the PEM on disk. I will probably implement the JWK representation of keys in a coming review.