Keats
commented
2 years ago I'm not sure it would be much simpler than https://github.com/Keats/jsonwebtoken/blob/master/examples/auth0.rs where you can easily tweak everything.
Closed LLBlumire closed 1 year ago
Keats
commented
2 years ago I'm not sure it would be much simpler than https://github.com/Keats/jsonwebtoken/blob/master/examples/auth0.rs where you can easily tweak everything.
LLBlumire
commented
2 years ago I guess my thoughts were something that covers more than just the RSA case, though that is definitely the most common
Jonathas-Conceicao
commented
1 year ago I would also like to see the library support this, as mentioned previously, the current API only directly supports RSA JWK. Where one can do DecodingKey::from_rsa_components.
The same, however, can't be done for the other algorithms as, e.g., there is no way to generate a DecodingKey from EC X, Y and curve parameters. And Ideally I believe there should be an from_jwk, ans it would simplify validating the payload without explicitly checking the exactly algorithm on the JWK.
Keats
commented
1 year ago It would need to come as a PR
It seems a very common pattern is to have a
JwkSetbe published by API providers, the most common thing to do with this is use the data from it toverify, so havingDecodingKey::from_jwk, or maybe even a validate method that just takes a token&strand aJwkSetand does the "common happy path" operation, might be a nice API to have?