NetDevPack / Security.Jwt

Jwt Manager. Set of components to deal with Jwt Stuff. Automate your key rotating, add support for jwks_uri. Store your cryptography keys in a secure place.
MIT License

Revoke Keys with reason #37

Closed 50c closed 1 year ago

50c commented 1 year ago

I have the requirement to accept tokens signed with an expired key (resulting in the key being revoked). This can still be done with your awesome library. But I also don't want to accept tokens signed by a key explicitly revoked by an admin user. Currently I can't distinguish both kinds of revocation. I've made a possible extension to enable this by letting me specify the reason for revocation, so I can prevent the use of some revoked keys I have "blacklisted". Are you interested in such an extension, or would you suggest some other solution for my problem? Thank you.

brunobritodev commented 1 year ago

Hi @50c!

I couldn't understand the second scenario. You have a revoked key and you want to validate old tokens that were signed by this key? Or you want to generate new tokens with a revoked key? Can you show me an example?

By the way, we are open to new features; we just have some sort of resistance to accepting them when there are breaking changes to existing features.

50c commented 1 year ago

Hi, thank you for your prompt feedback. In my scenario I have some long-validity tokens already issued. I want to accept these tokens even if the key has already been rotated and revoked. On the other side, I would like to revoke specific keys manually (by allowing a security administrator to do so). Those tokens should not be acceptable anymore. To summarize, I want to distinguish keys that expired naturally through time-based rotation from those that were revoked explicitly. I have found an easy way: additionally provide the reason for revocation (the field was already there, at least in the DataProtection store). So the extension was to add an additional field "RevokedReason" to KeyMaterial and give the possibility to revoke a key with an optional revokedReason parameter. This parameter defaults to the same value that was already used. I have also added additional unit tests keeping the same structure. All existing functionality remains without breaking changes. If you don't mind, I can share the change by pull request.
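To make the distinction described above concrete, here is an added, self-contained C# model of the idea (illustrative code written for this thread, not NetDevPack.Security.Jwt's own types or API). The names `KeyMaterial`, `RevokedReason`, `Revoke` and `RevocationPolicy` are assumptions mirroring the field and parameter mentioned in the comment; the sample keys and dates are constructed. A naturally rotated key keeps validating tokens that were issued while it was live, whereas a key whose revocation reason is on the operator's blocking list validates nothing.

```csharp
using System;
using System.Collections.Generic;

// Added example: minimal model of "revoke with a reason". Hypothetical names,
// NOT the library's real API.
public sealed class KeyMaterial
{
    public string KeyId { get; }
    public DateTimeOffset CreationDate { get; }
    public DateTimeOffset? RevokedAt { get; private set; }
    public string RevokedReason { get; private set; }   // hypothetical field from the issue

    public KeyMaterial(string keyId, DateTimeOffset creationDate)
    {
        KeyId = keyId;
        CreationDate = creationDate;
        RevokedReason = null;
    }

    public bool IsRevoked => RevokedAt.HasValue;

    // The default reason keeps the pre-existing behaviour: a plain Revoke()
    // is what scheduled rotation would call.
    public void Revoke(DateTimeOffset at, string reason = "Rotated")
    {
        if (IsRevoked) return;      // first revocation wins; a reason is never downgraded
        RevokedAt = at;
        RevokedReason = reason;
    }
}

public static class RevocationPolicy
{
    // Reasons that mean "trust nothing signed by this key". Operator-defined;
    // the two values here are constructed for the example.
    public static readonly HashSet<string> BlockingReasons =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "Compromised", "AdminRevoked" };

    // Decide whether a token signed by `key` and carrying issue time `tokenIssuedAt`
    // may still be accepted by the validator.
    public static bool CanValidateWith(KeyMaterial key, DateTimeOffset tokenIssuedAt)
    {
        if (!key.IsRevoked)
            return true;                                            // active key

        if (BlockingReasons.Contains(key.RevokedReason ?? string.Empty))
            return false;                                           // explicit revocation

        // Natural rotation: accept only tokens issued while the key was still live.
        // A token claiming an issue time after the key was retired is rejected,
        // since the key should not have signed anything by then.
        return tokenIssuedAt < key.RevokedAt.Value;
    }
}

public static class Program
{
    public static void Main()
    {
        var now = DateTimeOffset.UtcNow;

        // Constructed key retired by scheduled rotation a month ago.
        var rotated = new KeyMaterial("kid-rotated", now.AddDays(-90));
        rotated.Revoke(now.AddDays(-30));

        // Constructed key pulled yesterday by a security administrator.
        var pulled = new KeyMaterial("kid-pulled", now.AddDays(-10));
        pulled.Revoke(now.AddDays(-1), "AdminRevoked");

        Console.WriteLine("rotated key, token issued before rotation: "
            + RevocationPolicy.CanValidateWith(rotated, now.AddDays(-45)));
        Console.WriteLine("rotated key, token claiming issue after rotation: "
            + RevocationPolicy.CanValidateWith(rotated, now.AddDays(-5)));
        Console.WriteLine("admin-revoked key, token issued while key was live: "
            + RevocationPolicy.CanValidateWith(pulled, now.AddDays(-5)));
    }
}
```

Only the first case is accepted: the rotated key honours tokens issued before its retirement, while the admin-revoked key is refused regardless of when the token was issued, which is exactly the separation the comment asks for. Keeping the blocking reasons in a list rather than hard-coding "revoked means reject" is what lets an operator revoke a key with a plain default reason and keep existing behaviour unchanged.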

brunobritodev commented 1 year ago

Great, go ahead and make a PR!

brunobritodev commented 1 year ago

Added in PR #38.