Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support to directly provide crypto:PrivateKey and crypto:PublicKey in JWT signature configurations #1229

Merged
merged 24 commits into from
May 31, 2024
Merged

Add support to directly provide crypto:PrivateKey and crypto:PublicKey in JWT signature configurations #1229

merged 24 commits into from
May 31, 2024

Conversation

ayeshLK
Copy link
Member

@ayeshLK ayeshLK commented May 29, 2024
edited
Loading

Purpose

$subject

Fixes: #6514

Examples

Issuing self-signed JWT using crypto:PrivateKey

byte[] privateKeyContent = check io:fileReadBytes("path-to/private.key");
crypto:PrivateKey privateKey = check crypto:decodeRsaPrivateKeyFromContent(privateKeyContent);
jwt:IssuerConfig issuerConfig = {
    username: "John",
    issuer: "wso2",
    audience: ["ballerina", "ballerinaSamples"],
    expTime: 600,
    signatureConfig: {
        config: privateKey
    }
};
string jwt = check jwt:issue(issuerConfig);

Validating self-signed JWT using crypto:PublicKey

byte[] pubicCertContent = check io:fileReadBytes("path-to/public.crt");
crypto:PublicKey publicKey = check crypto:decodeRsaPublicKeyFromContent(pubicCertContent);
jwt:ValidatorConfig validatorConfig = {
    issuer: "wso2",
    audience: ["ballerina", "ballerinaSamples"],
    clockSkew: 60,
    signatureConfig: {
        certFile: publicKey
    }
};
string jwtContent = "xxxxxx";
jwt:Payload result = check jwt:validate(jwtContent, validatorConfig);

Checklist

  • Linked to an issue
  • Updated the changelog
  • Added tests
  • Updated the spec
  • Checked native-image compatibility

@ayeshLK ayeshLK requested a review from shafreenAnfar as a code owner May 29, 2024 07:11
Bhashinee
Bhashinee previously approved these changes May 31, 2024
View reviewed changes
NipunaRanasinghe
NipunaRanasinghe reviewed May 31, 2024
View reviewed changes
Copy link
Contributor

@NipunaRanasinghe NipunaRanasinghe left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM apart from these minor comments

docs/proposals/enable-crypto-key-usage.md Outdated Show resolved Hide resolved
ballerina/tests/jwt_validator_test.bal Outdated Show resolved Hide resolved
@NipunaRanasinghe
Copy link
Contributor

@ayeshLK do we have a changelog in this module to be updated?

@ayeshLK
Copy link
Member Author

ayeshLK commented May 31, 2024

@ayeshLK do we have a changelog in this module to be updated?

Already updated

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

NipunaRanasinghe
NipunaRanasinghe approved these changes May 31, 2024
View reviewed changes
Copy link
Contributor

@NipunaRanasinghe NipunaRanasinghe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ayeshLK ayeshLK merged commit 90cd6b6 into ballerina-platform:master May 31, 2024
6 checks passed
This was referenced May 31, 2024
Closed
Closed
@ayeshLK ayeshLK mentioned this pull request Jun 13, 2024
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Bhashinee Bhashinee Bhashinee left review comments

@NipunaRanasinghe NipunaRanasinghe NipunaRanasinghe approved these changes

@shafreenAnfar shafreenAnfar Awaiting requested review from shafreenAnfar shafreenAnfar is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add support to directly provide crypto:PrivateKey and crypto:PublicKey in JWT signature configurations
3 participants
@ayeshLK @NipunaRanasinghe @Bhashinee