Open andrewbaxter opened 6 months ago
Is it the same thing that I need a nonce header to build the JWT coinbase expects?
https://docs.cloud.coinbase.com/advanced-trade-api/docs/rest-api-auth
From their python example...
jwt_token = jwt.encode(
jwt_payload,
private_key,
algorithm='ES256',
headers={
'kid': key_name,
'nonce': secrets.token_hex()
},
)
The ACME document didn't refer to any other spec so I think it's a coincidence, but I guess if one protocol needs a nonce there are probably others that do too?
IIRC one of the JWT spects talked about making RFCs for header keys, so maybe it is defined somewhere else... sorry, not sure.
Hello, like #9 I'm looking into using this for an ACME implementation. I think a few other changes would be necessary
url
andnonce
. I'm not sure the best way to do this. I can think of three options?url
andnonce
to Header. Header is already a superset of possible fields, and AFAIK the two main uses of JWT are Oauth2 and ACME so it doesn't seem like a stretch.""
forPOST for GET
in the protocol.jws.rs
withencode_jws
anddecode_jws
These are fairly small changes so I'd be glad to make a PR if it sounds reasonable.