Set a list of certs for static configuration

IdentityServer / IdentityServer3.AccessTokenValidation

OWIN Middleware to validate access tokens from IdentityServer3

Apache License 2.0

91 stars 149 forks source link

Set a list of certs for static configuration #122

Closed johnkors closed 7 years ago

johnkors commented 7 years ago

Rolling cert support for static config

(created a new PR to trigger a new build)

dnfclas commented 7 years ago

Hi @johnkors, I'm your friendly neighborhood .NET Foundation Pull Request Bot (You can call me DNFBOT). Thanks for your contribution! You've already signed the contribution license agreement. Thanks!

The agreement was validated by .NET Foundation and real humans are currently evaluating your PR.

TTYL, DNFBOT;

leastprivilege commented 7 years ago

Hey,

sorry - it's been a while.

So I really think this feature is not complete - you would need to able to configure all the other things statically as well - also X509 is just one option here - it could be also raw RSA keys.

Do you want to extend that to support more config - or is it not that important?

johnkors commented 7 years ago

No worries, it was just a thought :)

Ok, I just thought that since the remote version using the discovery doc fetches a list of jwks, maybe the static one could include a list as well as opposed to a single cert. Did not consider any other aspects than X509s.