brentschmaltz
commented
6 months ago @jennyf19 we should combine all the EC/ECDSA issues into one.
Open wparad opened 9 months ago
brentschmaltz
commented
6 months ago @jennyf19 we should combine all the EC/ECDSA issues into one.
Today: EdDSA signed JWTs
Future: The goal is for this list: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/blob/dev/src/System.IdentityModel.Tokens.Jwt/JwtSecurityTokenHandler.cs#L62 to support an EdDSA signature strategy so that dependencies of this library understand how to handle EdDSA signed JWTs.
In this case the issue is sourced from
Microsoft.AspNetCore.Authorization.Authorizeattribute which attempts to useSystem.IdentityModel.Tokens.Jwtthrough the packageMicrosoft.AspNetCore.Authentication.JwtBearer(this repo) package for verifying the incoming tokens.Related:
1970
If a PR is opened to add this support, will it be accepted and helped to be shepherded to completion or will a PR of this nature lay on apathetic ears?