Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve keyprovider reliability #570

Closed
wants to merge 2 commits into from
Closed

Improve keyprovider reliability #570

wants to merge 2 commits into from

Conversation

poovamraj
Copy link
Contributor

Changes

  • Added PrivateKeyDetail class
  • Deprecated getPrivateKey and getPrivateKeyId
  • Default Implementation for getPrivateKeyDetails
  • Getting the Private Key at the point of signing and passing it as parameters so that another getPrivateKeyDetails which can change the Key details

References

#503
#517

Testing

Added a Key Rotation Test (Proposed in #517). This test takes a long time to complete which increases the CI time.
Fixed existing mocks

  • This change adds test coverage
  • This change has been tested on the latest version of Java or why not

@poovamraj poovamraj requested a review from a team as a code owner March 31, 2022 07:15
@poovamraj poovamraj mentioned this pull request Apr 1, 2022
Merged
poovamraj
poovamraj commented Apr 4, 2022
View reviewed changes
lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java
* @return the signature in a base64 encoded array of bytes
* @throws SignatureGenerationException if the Key is invalid.
*/
public byte[] sign(byte[] headerBytes, byte[] payloadBytes, PrivateKey privateKey)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are exposing this new method in Algorithm class which takes in a Private Key, this is to ensure the same Private key used to build the header claim is used for signing. But this cannot be achieved without making this method public. This takes in a Private Key where Algorithm already has a private key which is contradictory

@poovamraj poovamraj added this to the v4-Beta milestone Apr 7, 2022
@poovamraj poovamraj mentioned this pull request Apr 27, 2022
Closed
@poovamraj poovamraj closed this Apr 27, 2022
@poovamraj poovamraj modified the milestones: v4-Beta, 4.0.0-beta.0 May 6, 2022
@poovamraj poovamraj mentioned this pull request May 6, 2022
Merged
@evansims evansims deleted the improve-keyprovider-reliability branch July 5, 2022 21:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
CH: Breaking Change CH: Fixed review:large Large review
Projects
None yet
Milestone
4.0.0-beta.0
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@poovamraj