Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Parameterise JWT over Claims object #39

Closed
frasertweedale opened this issue Mar 25, 2017 · 2 comments
Closed

Parameterise JWT over Claims object #39

frasertweedale opened this issue Mar 25, 2017 · 2 comments
Assignees
@frasertweedale
Labels
enhancement

Comments

@frasertweedale
Copy link
Owner

The JWT claims object only implements the registered claim names from RFC 7519.
But there are now other registered claim names from other standards. See
https://www.iana.org/assignments/jwt/jwt.xhtml.

Similar to what was done with JWS headers, we should parameterise JWT over a "claims" type
that models the claims understood by a particular application.
@frasertweedale frasertweedale self-assigned this May 21, 2022
@frasertweedale
Copy link
Owner Author

Working on this...

@frasertweedale
Copy link
Owner Author

Fixed:

commit 17e67cb0c924d9ccd3d712be1050cb3c23e6f154 (HEAD -> master, github/master)
Author: Fraser Tweedale <frase@frase.id.au>
Date:   Wed Jun 15 22:19:24 2022 +1000

    doc: minor improvements to Crypto.JWT haddock

commit 74c7dc9e55455e279bed2f97ea69787418a4f160
Author: Fraser Tweedale <frase@frase.id.au>
Date:   Wed Jun 15 22:04:42 2022 +1000

    deprecate unregisteredClaims
    
    Remove `unregisteredClaims` from class `HasClaimsSet`.  If you're
    sub-typing `ClaimsSet`, you don't need `unregisteredClaims`.
    Indeed, the former subsumes the latter.
    
    To encourage the more principled sub-typing approach, deprecated
    `unregisteredClaims` and the related function `addClaim`.  These
    functions will be removed in a future release.

commit 58f501f7a9508a9cffab9faa1b0ff3cd618ddb8b
Author: Fraser Tweedale <frase@frase.id.au>
Date:   Wed Jun 15 21:42:16 2022 +1000

    doc: how to define and use extended claims types

commit a02c556d30b2544c856fe7f1b1202e23221b775e
Author: Fraser Tweedale <frase@frase.id.au>
Date:   Sat May 21 16:10:15 2022 +1000

    add JWT sign/verify variants general in payload type
    
    Add variants of the JWT signing and verification functions that are
    general in the payload type.  This provides for applications that
    use additional claims beyond those registered by RFC 7519.
    
    Update the tests to use an example extended payload type in addition
    to ClaimsSet directly.
    
    Examples in documentation still need to be updated.
    
    The `unregisteredClaims` field in ClaimsSet is likely to be
    deprecated in the next release, and removed in a future release.

commit b007ab2acac01e0c4ea0eeb64111ee9a9306f0ac
Author: Fraser Tweedale <frase@frase.id.au>
Date:   Sat May 21 15:29:29 2022 +1000

    make ClaimsSet optics classy
    
    As an initial step to parameterising JWT processing methods over a
    claims-bearing payload type, define class HasClaimsSet and lift the
    claim optics into it.  Define the instance for ClaimsSet.

Will go out in the next major release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@frasertweedale frasertweedale

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@frasertweedale