Open kleinmrk opened 2 years ago
This is still just a draft, there is much to do regarding error handling (currently I just lazily throw std::runtime_error
all over the place) but I would be happy to hear your feedback, whether this PR goes the right direction.
@Thalhammer
One of jwt-cpp's strengths has been that its trivial to add custom algorithms and this has indeed been used in academics to research new ones. The jwks part doesn't take that into account at all. While I get that the set of algorithms currently allowed in jwks is fixed, it might be useful to provide a way to add custom ones for research or if someone needs support of future algorithms before we add it.
I looked into how to make it possible to extend JWKs by custom algorithm and I ended up exposing algo_base
and algo
structures so the users can register their own algorithms like this. I don't know whether this is acceptable but I am out of other ideas. If you don't like the approach then please stop me now :D
This MR enables loading keys from json to
jwk
objects. It also adds an interface to the verifier class which accepts such keys and uses them as appropriate, based on thekid
andalg
claims, during token verification.So far only RSA and oct keys can be loaded from json to
jwk