apple / app-store-server-library-java

MIT License
169 stars 38 forks source link

[Feature Request] Custom Implementation of BearerTokenAuthenticator #108

Closed umireon closed 4 months ago

umireon commented 4 months ago

Background

We think the security of the private key used for JWT signing is important, and we want to use Cloud KMS on Google Cloud with this library. The current implementation of AppStoreServerAPIClient only signs the JWT with the on-memory private key, and we'd like this library to accept injecting arbitrary implementation of JWT signing.

Proposal

We want to add setBearerTokenAuthenticator to the AppStoreServerAPIClient class and refactor BearerTokenAuthenticator into an interface. The existing BearerTokenAuthenticator would be renamed OnMemoryBearerTokenAuthenticator, and it would not be instantiated when the signingKey parameter is null. This proposal will enable users to integrate any JWT signing backend, and you don't need to maintain the detailed implementation of the JWT signing.

We are eager to contribute by creating a pull request to implement this feature when you agree to this proposition.

Thanks in advance!

alexanderjordanbaker commented 4 months ago

@umireon I had a project going to already significantly overhaul some aspects of the client so threw this in there, let me know if https://github.com/apple/app-store-server-library-java/pull/109 would meet your needs

umireon commented 4 months ago

Yes, that PR implements the exact feature that we need with your library! Thanks!

alexanderjordanbaker commented 4 months ago

Version 3.0.0 was just released

umireon commented 4 months ago

Thank you for implementing this ❤️