-
JOSE/IETF specifications often use URIs that point to JSON Web Key Sets (JWKS), e.g., OpenID Connect. It would be great if we could find a way that allows a DID URL to be used in such a way. This coul…
awoie updated
3 months ago
-
As `jose` supports JWKS for verification, it'd be great if this could too :)
-
*Title*: *Improve JWKs caching*
*Description*:
>So caching remote JWKs comes with a few advantages and disadvantages. We'd like to cache the keys for performance reasons, but for security reasons,…
-
### What is the feature you are proposing?
currently the `jwt` middleware requires a static secret value, however in my use case (see below) it's not a static secret instead it is retrieved from an J…
-
Hi!
Thanks for making this awesome client library! I'm actually really curious how you are codegen-ing this, it's been a joy to use.
I was digging into the library and I found one issue that's …
-
In the README there is this `@fastify/jwt` integration example:
```js
const fastify = Fastify()
const getJwks = buildGetJwks()
fastify.register(fjwt, {
decode: { complete: true },
secret…
-
Hello!
I would like to explore the possibility of enhancing the Security Document Loader to support additional use cases.
I understand that in the Learner Credential Wallet, `did:key` is current…
-
Currently, we must use snippets to configure auth_jwt_leeway (see https://nginx.org/en/docs/http/ngx_http_auth_jwt_module.html#auth_jwt_leeway).
It would be very nice if that was configurable direct…
-
**Describe the bug**
can not init TurboAuthClient in svelte.
error:
Uncaught (in promise) TypeError: import_arweave.default.init is not a function
**To Reproduce**
code:
```
import {Turbo…
-
Currently, Oauth middleware validates if the JWT token received is valid or not but it does not check if it is expired.
As per, [RFC-7519](https://www.rfc-editor.org/rfc/rfc7519#page-9) it is optio…