[FEATURE/IDENTITY] Incorporate byte stream processing for encryption/decryption #4943

Closed
stephen-crawford opened this issue Oct 26, 2022 · 2 comments
@stephen-crawford
Contributor

This request is being filed to trim the number of features being introduced with pull request #4730.

As is, Principal Identifier Tokens do not have the functionality to be created via byte stream. This functionality is desired for various uses and should be added. You should be able to create a PIT via byte stream which is identical to a counterpart created via string so long as the byte stream encodes the same characters.

Tests should also be added in the PrincipalIdentifierTokenTests.java file to confirm this functionality. This may require the modification of the existing encryption/decryption code.

@stephen-crawford added the enhancement, feature, and untriaged labels Oct 26, 2022
@stephen-crawford self-assigned this Oct 26, 2022
@peternied
Member

@scrawfor99 Would you mind updating the roadmap [1] with when you think this should be implemented and providing a link back to this issue?

[1] https://github.com/opensearch-project/OpenSearch/blob/feature/identity/IDENTITY_ROADMAP.md

@minalsha removed the untriaged label Nov 3, 2022
@stephen-crawford
Contributor Author

[Update 11/30] I am going to start looking at this today and will update further with what I find about the steps for implementing this.

I do have a design question for everyone in the meantime: What do we want to do about decryption? While encryption should be possible I am not sure that decrypting the JWTs as a byte stream will work in the same way. I think we will need to simply store the bytes until we get the entire token and then decrypt it all at once since we will need to have the signature.

@stephen-crawford closed this as not planned Nov 30, 2022
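
The buffer-then-verify approach raised in the last comment, together with the string/byte-stream equivalence requested in the issue description, as an added example that is not part of the thread or of OpenSearch code. It assumes a compact HS256-signed token; the class name `BufferedTokenVerifier`, the key, and the claims are constructed for illustration.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical helper (not OpenSearch code): buffer a compact HS256 token, verify at the end.
public class BufferedTokenVerifier {
    private final ByteArrayOutputStream buf = new ByteArrayOutputStream();
    private final byte[] key;
    BufferedTokenVerifier(byte[] key) { this.key = key; }
    // Accumulate only; nothing is parsed or trusted until finish().
    void update(byte[] chunk) { buf.write(chunk, 0, chunk.length); }
    // Returns the decoded payload only if the MAC over "header.payload" verifies.
    byte[] finish() throws Exception {
        String[] parts = new String(buf.toByteArray(), StandardCharsets.US_ASCII).split("\\.", -1);
        if (parts.length != 3) throw new SecurityException("incomplete or malformed token");
        byte[] expected = sign(key, parts[0] + "." + parts[1]);
        byte[] actual = Base64.getUrlDecoder().decode(parts[2]);
        // Constant-time comparison of the recomputed and presented MAC.
        if (!MessageDigest.isEqual(expected, actual)) throw new SecurityException("bad signature");
        return Base64.getUrlDecoder().decode(parts[1]);
    }

    static byte[] sign(byte[] key, String signingInput) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(signingInput.getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key".getBytes(StandardCharsets.UTF_8); // constructed sample
        Base64.Encoder b64 = Base64.getUrlEncoder().withoutPadding();
        String input = b64.encodeToString("{\"alg\":\"HS256\"}".getBytes(StandardCharsets.UTF_8))
            + "." + b64.encodeToString("{\"sub\":\"demo-user\"}".getBytes(StandardCharsets.UTF_8));
        byte[] token = (input + "." + b64.encodeToString(sign(key, input))).getBytes(StandardCharsets.US_ASCII);

        BufferedTokenVerifier whole = new BufferedTokenVerifier(key);
        whole.update(token);                        // token handed over in one piece
        BufferedTokenVerifier chunked = new BufferedTokenVerifier(key);
        for (int i = 0; i < token.length; i += 7)   // same bytes, 7 at a time
            chunked.update(Arrays.copyOfRange(token, i, Math.min(i + 7, token.length)));
        System.out.println("same payload: " + Arrays.equals(whole.finish(), chunked.finish()));
        BufferedTokenVerifier cut = new BufferedTokenVerifier(key);
        cut.update(Arrays.copyOfRange(token, 0, token.length - 5)); // stream ends early
        try { cut.finish(); } catch (RuntimeException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Because the MAC covers the whole `header.payload` input, no payload bytes are returned until the final chunk has arrived and the comparison succeeds; a stream that ends early is rejected rather than partially processed.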