docs(jwks): update jwks conf documents

[ossdhaval]

Prepare

• [ ] Read PR guidelines
• [ ] Read license information

---

Description

Target issue

closes #issue-number-here

Implementation Details

---

Test and Document the changes

• [ ] Static code analysis has been run locally and issues have been fixed
• [ ] Relevant unit and integration tests have been added/updated
• [ ] Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

[dryrunsecurity[bot]]

Hi there :wave:, @dryrunsecurity here, below is a summary of our analysis and findings.

DryRun Security	Status	Findings
Server-Side Request Forgery Analyzer	:white_check_mark:	0 findings
Configured Codepaths Analyzer	:white_check_mark:	0 findings
Secrets Analyzer	:white_check_mark:	0 findings
Authn/Authz Analyzer	:white_check_mark:	0 findings
SQL Injection Analyzer	:white_check_mark:	0 findings
Sensitive Files Analyzer	:white_check_mark:	0 findings
IDOR Analyzer	:white_check_mark:	0 findings

[!Note] :green_circle: Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy :robot:. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective. **Summary:** The code changes in this pull request focus on providing a comprehensive guide for managing JSON Web Keys (JWKs) in the Janssen Server. The changes cover the different configuration tools available, including command-line, text-based UI, and REST API, and detail the various operations that can be performed on JWKs, such as getting the list of configured JWKs, adding, updating, patching, and deleting JWKs. From an application security perspective, the key points are: 1) Proper management of JWKs is crucial for the security of the overall system, as they are used to verify JSON Web Tokens (JWTs) issued by the authorization server; 2) The use of unique `kid` (key identifier) values and the `use` parameter (which specifies the intended use of the public key) are important security features; 3) Following the JWK specification (RFC 7517) and algorithm-specific properties (RFC 7518) is essential; and 4) The ability to patch and delete JWKs is a sensitive operation that should be carefully controlled and monitored to prevent unauthorized modifications or deletions. **Files Changed:** - `docs/admin/config-guide/json-web-key-config.md`: This file provides a comprehensive guide on managing JSON Web Keys (JWKs) in the Janssen Server. It covers the different configuration tools available, the various operations that can be performed on JWKs, and highlights the key security considerations, such as the importance of using unique `kid` values, specifying the correct `use` parameter, and following the relevant RFCs.

Powered by DryRun Security