-
## 프로젝트 이름
iu-jwt-api
## 개요
### 보안 강화 JWT 라이브러리
- 주제 설명 : 보안에 초점을 맞춘 JWT 라이브러리를 제공한다.
- 주요기능 :
- 기본 JWT기능 + IP 검증, 사용자 에이전트 검증
## 저장소 주소
[https://github.com/hun-cloud/iu-jwt-api](h…
-
### OAuth2-Proxy Version
7.6.0
### Provider
azure
### Expected Behaviour
For API auth, OAuth2-Proxy should detect JWTs, even if the JWT contains whitespace after the curly bracket, in a…
-
## Description
인증 - JWT를 발급한다.
## TODO
- [x] spring security 설정
- [x] Authentication Filter 구현 (JWT 발급)
- [x] 로그인을 위해 bookstore에서 member info 가져오기
## ETC
기타사항
okeio updated
3 months ago
-
Hi,
I have configured Zitadel as an OAuth Provider. The Login flow works, but in the Log file an error is printed and I'm not logged in.
The Error is
```json
{"level":"debug","error":"invalid …
-
La key para la validación del token no resulta, lanza la excepción, no sé si sea la versión de spring pero he probado varios métodos para intentar resolverlo y ninguna a funcionado
JWT signature does…
-
Using the OAuth 2.0 Access Token JWT Profile[^1], we should be able to validate access tokens for OpenID providers who give JWT access tokens but don't provide an introspection endpoint. This should c…
-
Hello,
I use Oauth2 jwt connected to the keycloak server to verify the user's jwt token, but I find if there's no Authorization attribute in the http header or the no the keyword **_Bearer_** in tok…
-
Hello!
This library has security issues with algorithm confusion.
If the developer allows both the HS algorithm and the RS algorithm, the attacker can use the RSA public key and encrypt the JWT usi…
-
### Problem Statement
JWK endpoints expose keys which typically are not frequently rotated.
Currently CrateDB requests public keys on each authentication request which might be too expensive.
W…
-
Should we generate our own token or use the Google OAuth Token required for logging the user?