-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement kbverify function #127
Conversation
Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de>
Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de>
Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de>
Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de>
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## next #127 +/- ##
==========================================
- Coverage 97.39% 97.38% -0.01%
==========================================
Files 23 23
Lines 1844 1876 +32
Branches 265 272 +7
==========================================
+ Hits 1796 1827 +31
- Misses 48 49 +1 ☔ View full report in Codecov by Sentry. |
Missing tests will be added in the next hours. |
It looks good to me. :) |
@cre8 Can we merge it? |
@lukasjhan I would love to implement the missing tests first. If you have the time please make a PR to my branch with the missing tests :) |
Okay I'll make a test for the new verifyKB function :) |
I added it in cre8#5 |
Signed-off-by: Lukas.J.Han <lukas.j.han@gmail.com>
Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de> Signed-off-by: Lukas.J.Han <lukas.j.han@gmail.com> Co-authored-by: Lukas.J.Han <lukas.j.han@gmail.com> Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de>
Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de> Signed-off-by: Lukas.J.Han <lukas.j.han@gmail.com> Co-authored-by: Lukas.J.Han <lukas.j.han@gmail.com> Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de>
closes #125
Adds signature verification to the kbVerify function. The whole payload of the actual token is passed to the kbverify function, it is not needed in the constructor of the KBJWT since this would break the extension from JWT.
The fetching of the key has to be implemented by the user. The payload has an optional field cnf. The user is free to get the key from another field like
subject
,id
etc. and is also free to parse the value - no limitation if there is a did url, jwk or url pointing to a hosted public key.<Since we need to pass the payload to the verify function, the verify function in KBJWT will not get overwritten, but there will be a new function. It looks better to do it this way than adding an optional field to the verify function in JWT that has no meaning just to be compliant with the other call. If someone know a more elegant way I am open for changes.