-
I see that `additional_public_keys` can only be files:
https://github.com/lexik/LexikJWTAuthenticationBundle/blob/6a56ddb72e0d3802888a8fce86b29b22755392bd/Services/KeyLoader/AbstractKeyLoader.php#L50…
-
One thing that seems potentially useful to support is specifying the expected public key in request headers. For example, if an application specifies `integrity="ed25519-[base64-encoded public key]"`,…
-
For instance, FB openid conf:
https://www.facebook.com/.well-known/oauth/openid/jwks/
Format:
```
{
"kid": "dcd214c095176e06454dfe832254b0cde52b6052",
"kty": "RSA",
…
-
-
# Context / Motivation
In order to validate signatures, it is necessary to establish trust for validating parties. Depending on underlying certificate (on signing-server-side), it may be sufficient t…
-
The `hash_pubkeys` function in the Elixir implementation serializes **compressed** public keys, while the reference Python implementation serializes **uncompressed** keys. Public keys should be serial…
-
Currently it's optional whether the KBS is configured with the public key of the AS. If the public key is not provided, the token is not verified. There is an option for someone to use a secure config…
-
At present, `BaseDict.keys` and `BaseDict.values` return `list`, while `BaseDict.items` returns a new `dict`. This means that, contrary to the equivalent methods in the builtin `dict` object, content …
-
As shown in the figure, I have configured multiple encryption methods in netconf. However, when I verify it, I find that only two of them are supported.
```xml
default-…
-
Running the demo to call a token issuance is failing with "Unable to fetch public keys".
It looks like `JwtValidator.resolvePublicKeyJwks()` is connecting to https://discover.did.msidentity.com/v1.…