new data formats - jwcrypto 0.5.x #78
@fmarier you want to put a critical eye to this work? Feel free to throw away the under-thought, and merge with your in-progress implementation as needed. Love to review after that.
| function extractAlg(obj) { | ||
| var origAlg = obj.algorithm || obj.kty; | ||
| var alg = ALIASES[origAlg] || origAlg; |
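Review bot: in extractAlg, `obj.algorithm || obj.kty` raises no error for an object that carries both fields (the legacy `algorithm` silently wins) or neither (`origAlg` is undefined and flows into the `ALIASES` lookup). Suggest checking up front that exactly one of the two is present and throwing an Error otherwise. If `ALIASES` is a plain object literal, `ALIASES[origAlg]` on the next line also resolves inherited names such as `constructor`, so an own-property check or a Map would be safer for that lookup.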
fmarier
Jan 14, 2014
Contributor
This is a nit, but if we're dealing with a new format object (i.e. it has kty) then we don't need to look for aliases.
lloyd
Jan 15, 2014
Author
Contributor
love it.
| @@ -93,14 +95,14 @@ var CERTS = [ | |||
| "email": "user@exampleidp.com", | |||
| "certifierPublicKey": {"algorithm":"RS","n":"14992830413702950214310095212044491259620359262383741324696388958190897089691526259734048412721912364240221301689826865084526414386073707804839978986676709963946069225361038897793675105866773424177081334731736862288361853661697790251045350661007112837048725805572051406892322870828536513516637815563734426985085169776230353505099335068959396036415837272499551706990150656379682592552383284722119011793645821942132094135988926383389368449569136547237729302181561293580509148227224997417221099523657138090327493805636962561720869470208329064396135474786068129369609669835010448697628273776942729022409017231229381035477","e":"65537"}, | |||
| "containedPublicKey": {"algorithm":"DS","y":"be83f1cf4dc2569af822b6b5c541792e321d9c6194ea567142e9869e495bb25fbf49693c6f577efe162093ef27c7c550ec3d810bf005e523d3ee6c77346e05fdcd9adf584670b368005b1ed2e26adc0eef9b2a871d7d51e5601349822710f3028a58b5af45f72b8366f530936a98ca7eafc7ba31d6e13636365e113a0a5b626c","p":"ff600483db6abfc5b45eab78594b3533d550d9f1bf2a992a7a8daa6dc34f8045ad4e6e0c429d334eeeaaefd7e23d4810be00e4cc1492cba325ba81ff2d5a5b305a8d17eb3bf4a06a349d392e00d329744a5179380344e82a18c47933438f891e22aeef812d69c8f75e326cb70ea000c3f776dfdbd604638c2ef717fc26d02e17","q":"e21e04f911d1ed7991008ecaab3bf775984309c3","g":"c52a4a0ff3b7e61fdf1867ce84138369a6154f4afa92966e3c827e25cfa6cf508b90e5de419e1337e07a2e9e2a3cd5dea704d175f8ebf6af397d69e110b96afb17c7a03259329e4829b0d03bbc7896b15b4ade53e130858cc34d96269aa89041f409136c7242a38895c9d5bccad4f389af1d7a4bd1398bd072dffa896233397a"} | |||
| }, | |||
| } /* , | |||
fmarier
Jan 14, 2014
Contributor
Does this test need to be ported or removed?
| delete params.publicKey; | ||
| certParams.principal = params.principal; | ||
| delete params.principal; | ||
| [ 'principal', 'sub' ].forEach(function(k) { |
fmarier
Jan 14, 2014
Contributor
Should we reject any certs that have both sub and principal?
lloyd
Jan 15, 2014
Author
Contributor
yes.
There's something else about the transition to the new format that we have to think about: IdPs. One way to phase it in would be:
Or we bundle 2 and 3 together and we have a flag day, but that will screw our existing IdPs. Note: my patches don't necessarily take into account the above timeline, I thought of that after I was done writing these.

Finally (and I should have started with this!), this pull request looks really good! I like the way you detect the appropriate data format version. It's much better than my ill-fated attempt at preserving the existing versioning code in jwcrypto.
no more Strings as Errors!
This implements almost the entirety of new data formats support described in https://github.com/djc/id-specs/blob/prod/browserid/json-formats.md.
One tweak left is the changed property for `pubkey`. Currently this work is published on npm under the `dev` tag.

Strategy here is this version of jwcrypto parses old or new formats, and always generates new formats. It should be integrated into:
It must be done in this order.
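
The two checks raised in this thread (aliases only for legacy key objects, and rejecting certificates that carry both `sub` and `principal`), as an added example that is not jwcrypto's own code. The helper names `pickOne`, `extractAlgStrict` and `extractSubject`, and the contents of the alias table, are assumptions made for illustration.

```javascript
// Added example; helper names are hypothetical, not jwcrypto's API.
// Assumption: legacy "RS"/"DS" map to new-format "RSA"/"DSA".
const LEGACY_ALIASES = new Map([['RS', 'RSA'], ['DS', 'DSA']]);
const KNOWN_ALGS = new Set(LEGACY_ALIASES.values());

const has = (obj, k) => Object.prototype.hasOwnProperty.call(obj, k);

// Return which of two mutually exclusive fields is present.
// Throws an Error (never a string) when both or neither appear.
function pickOne(obj, oldName, newName, what) {
  const hasOld = has(obj, oldName);
  const hasNew = has(obj, newName);
  if (hasOld && hasNew) {
    throw new Error(`${what}: both "${oldName}" and "${newName}" present`);
  }
  if (!hasOld && !hasNew) {
    throw new Error(`${what}: neither "${oldName}" nor "${newName}" present`);
  }
  return hasOld
    ? { legacy: true, value: obj[oldName] }
    : { legacy: false, value: obj[newName] };
}

// Resolve a key's algorithm; aliases are consulted only for legacy objects.
function extractAlgStrict(key) {
  const { legacy, value } = pickOne(key, 'algorithm', 'kty', 'key');
  if (typeof value !== 'string') throw new Error('key: algorithm must be a string');
  // Map.get cannot return inherited properties such as "constructor".
  const alg = legacy ? LEGACY_ALIASES.get(value) : value;
  if (!KNOWN_ALGS.has(alg)) throw new Error(`key: unsupported algorithm "${value}"`);
  return alg;
}

// Resolve a certificate payload's subject from "principal" (old) or "sub" (new).
function extractSubject(payload) {
  return pickOne(payload, 'principal', 'sub', 'cert');
}

// Constructed sample inputs.
console.log(extractAlgStrict({ algorithm: 'RS', n: '1', e: '65537' }));
console.log(extractAlgStrict({ kty: 'DSA' }));
console.log(extractSubject({ sub: 'user@exampleidp.com' }));
```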