Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement JWT decoding and validation for the Provider struct #13

Closed
1 task
Tracked by #10
nanderstabel opened this issue Mar 31, 2023 · 0 comments · Fixed by #17
Closed
1 task
Tracked by #10

Implement JWT decoding and validation for the Provider struct #13

nanderstabel opened this issue Mar 31, 2023 · 0 comments · Fixed by #17
Assignees

Comments

@nanderstabel
Copy link
Collaborator

nanderstabel commented Mar 31, 2023

Description

We will implement JWT decoding and validation for the Provider struct. This will involve decoding the JWT and verifying its signature to ensure its authenticity. Additionally, we will perform other validation checks such as checking the issuer and audience claims.

Motivation

When a SiopRequest is particularly large (for example when it includes a Presentation Definition for Verifiable Presentations, or many claims) a Relying Party may choose to send its request by value by utilizing the request_uri. The actual SiopRequest that can be retrieved by following this redirect uri may or may not be encoded as a JWT. Therefore, the Provider should be capable of decoding and validation JWT's

Resources

SIOPv2 section 9.

To-do List

  • Support JWT validation for the Provider struct.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Archived in project
Development

Successfully merging a pull request may close this issue.

1 participant