-
Notifications
You must be signed in to change notification settings - Fork 150
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When using asymmetric encryption a kid header is convenient so JSON Web Key Sets can be used #160
Conversation
Hello @vanpelt, thank you for your contribution! I will merge your PR if you add a tests that checks that the My understanding of JWK specifies a data structure that holds a key respectively a JWK Set a datastructure that holds a set of keys. So it is more like PEM/DER. I currently don't understand how the changes are related to JWK Sets, but optionally adding the key id to the headers seems useful to me. Could you please rephrase the description of the PR stating what is actually changed and (if you like) open an issue that we might support JWK Sets? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add test for handler.
Adapted from qvest-digital#160
I picked up the ball at this, and have made the necessary adjustments. Just waiting for other things to get merged first. I compiled this change amongst other things in my own master - you can take it for a spin here (latest tag): https://hub.docker.com/r/kernle32dll/loginsrv |
Adapted from qvest-digital#160 (cherry picked from commit 5e871b0)
Adapted from qvest-digital#160 (cherry picked from commit 5e871b0)
Adapted from qvest-digital#160
Adapted from qvest-digital#160
Adapted from qvest-digital#160
Ideally loginsrv would just create a JSON Web Key Set and serve it up, but this is a a quick and easy fix for now. This was inspired by Auth0