-
Notifications
You must be signed in to change notification settings - Fork 205
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add JWKS provider to the josev2 validator #97
Conversation
Signed-off-by: Jon Carl <[email protected]>
Signed-off-by: Jon Carl <[email protected]>
Signed-off-by: Jon Carl <[email protected]>
Signed-off-by: Jon Carl <[email protected]>
Signed-off-by: Jon Carl <[email protected]>
Signed-off-by: Jon Carl <[email protected]>
Signed-off-by: Jon Carl <[email protected]>
Signed-off-by: Jon Carl <[email protected]>
Codecov Report
@@ Coverage Diff @@
## v2 #97 +/- ##
==========================================
- Coverage 92.42% 85.55% -6.87%
==========================================
Files 3 3
Lines 132 180 +48
==========================================
+ Hits 122 154 +32
- Misses 9 21 +12
- Partials 1 5 +4
Continue to review full report at Codecov.
|
Signed-off-by: Jon Carl <[email protected]>
examples/http-example/main.go
Outdated
@@ -41,6 +50,7 @@ func main() { | |||
|
|||
// setup the piece which will validate tokens | |||
validator, err := josev2.New( | |||
// p.KeyFunc, // uncomment this to use the caching key provider | |||
keyFunc, | |||
jose.HS256, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When using JWKS, this will in most cases be RS256 instead of HS256?
Maybe also update example: https://github.com/auth0/go-jwt-middleware/tree/v2/validate/josev2/examples ? |
@wimdec thanks for the review! I think I'll break out a second example for JWKS specifically. |
Signed-off-by: Jon Carl <[email protected]>
Signed-off-by: Jon Carl <[email protected]>
Many times JWTs will be signed with a JWKS. When working with JWKS it is beneficial to cache the keys used to check token in order to decrease request round-trip and keep from potentially hitting identity provider rate limits. This PR adds a JWKS provider to the josev2 validator as well as a caching JWKS provider.