-
How would you configure the starter to work with OAuth2 JWTs using shared signing keys in a reactive gRPC service?
We see [this example](https://github.com/yidongnan/grpc-spring-boot-starter/blob/m…
-
Details need to be filled in for this issue. At a high level there is evidence that Spring Security uses tokens that are not compliant with JWT security tokens and this causes issues if a Spring appl…
-
spin-off from https://github.com/OWASP/ASVS/issues/1925 "proposal 4"
From @TobiasAhnoff
> 4 Verify that only access-tokens are used for authorization by the RS (not id-tokens or other kinds of t…
-
**What is the bug?**
The `jwt_auth_domain` authentication backend fails to parse the `signing_key` value when the key is formatted in as a PEM as [shown in the documentation](https://opensearch.org/d…
-
We are using an OpenShift cluster to deploy SeaweedFS, and we are using HashiCorp Vault as a Certificate Authority. The Vault-Agent-Injector is injecting the certificates into the Seaweed pods, and t…
-
### Describe the bug
After keycloak sso login it is showing error : Failed to Initialize authentication Subsystem please find below attachements
![image](https://github.com/microcks/microcks/asset…
-
Currently doing migration from python-jose to joserfc and found myself in a bit of a pickle.
python-jose implementation allows validation of the token against the public_key (using verify method fr…
-
Would it be feasible to use Redbird for microservices Authorization.
I am thinking that resolvers could be used to get the JWT token from request headers, check it is valid, then check that the use…
-
-
I'm trying to use `cf-java-logging-support` together with SAP Cloud SDK. Both depend on `com.auth0:java-jwt`, albeit at different major versions, which is causing problems.
- Cloud SDK depends on f…