buildbarn / bb-storage

Storage daemon, capable of storing data for the Remote Execution protocol
Apache License 2.0

Change AuthorizationHeaderParserConfiguration to take a JSON Web Key Set #179

Closed mortenmj closed 1 year ago

mortenmj commented 1 year ago

This adds a signature validator for JWKs (JSON Web Keys) to pkg/jwt. The new validator takes a JSON structure like the below, and will instantiate the correct signature validator for whichever types of keys are found in the structure.

{
   "keys":[
      {
         "kty":"RSA",
         "n":"u1SU1LfVLPHCozMxH2Mo4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0_IzW7yWR7QkrmBL7jTKEn5u-qKhbwKfBstIs-bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyehkd3qqGElvW_VDL5AaWTg0nLVkjRo9z-40RQzuVaE8AkAFmxZzow3x-VJYKdjykkJ0iT9wCS0DRTXu269V264Vf_3jvredZiKRkgwlL9xNAwxXFg0x_XFw005UWVRIkdgcKWTjpBP2dPwVZ4WWC-9aGVd-Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbcmw",
         "e":"AQAB",
         "alg":"RS256",
         "kid":"7c0b6913fe13820a333399ace426e70535a9a0bf",
         "use":"sig"
      }
   ]
}

The fields hmac_key and public_key in AuthorizationHeaderParserConfiguration have been replaced by a new field, jwks_inline, which takes the above structure.

As a follow-on step to this work, in a later PR, this data can be read from a file and periodically refreshed similar to how TLS certificates are treated.
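To show what "instantiate the correct signature validator for whichever types of keys are found" amounts to in practice, here is an added example in Go that is not code from this PR or from bb-storage. It parses a JWKS in the shape shown above, builds an RSA verification key per `kid`, and validates an RS256-signed token against it; unlike the PR's validator it handles only `"kty":"RSA"` and reports any other key type as an error. The function names `ParseJWKS`, `VerifyRS256` and `RoundTrip`, the key id `example-key-1` and the claims are all constructed for this example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
	"strings"
)

var b64 = base64.RawURLEncoding // JWK parameters and JWT segments are unpadded base64url

// jwk carries only the JSON Web Key fields this validator needs for an RSA signing key.
type jwk struct {
	Kty string `json:"kty"`
	N   string `json:"n"`
	E   string `json:"e"`
	Kid string `json:"kid"`
}

// ParseJWKS decodes a key set and indexes RSA verification keys by kid; an unsupported
// key type is an error, so a misconfigured set is rejected at load time, not at request time.
func ParseJWKS(data []byte) (map[string]*rsa.PublicKey, error) {
	var set struct{ Keys []jwk `json:"keys"` }
	if err := json.Unmarshal(data, &set); err != nil {
		return nil, err
	}
	keys := make(map[string]*rsa.PublicKey)
	for _, k := range set.Keys {
		if k.Kty != "RSA" {
			return nil, fmt.Errorf("kid %q: unsupported kty %q", k.Kid, k.Kty)
		}
		nb, errN := b64.DecodeString(k.N)
		eb, errE := b64.DecodeString(k.E)
		e := new(big.Int).SetBytes(eb)
		if errN != nil || errE != nil || e.BitLen() > 31 { // E must fit rsa.PublicKey.E
			return nil, fmt.Errorf("kid %q: malformed n or e", k.Kid)
		}
		keys[k.Kid] = &rsa.PublicKey{N: new(big.Int).SetBytes(nb), E: int(e.Int64())}
	}
	return keys, nil
}

// VerifyRS256 validates a compact JWT against the key set and returns the raw payload.
// alg is pinned to RS256 and the key is chosen by kid, so "none" or an HMAC alg is refused.
func VerifyRS256(token string, keys map[string]*rsa.PublicKey) ([]byte, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("token has %d segments, want 3", len(parts))
	}
	var header struct{ Alg, Kid string }
	if hdr, err := b64.DecodeString(parts[0]); err != nil || json.Unmarshal(hdr, &header) != nil {
		return nil, fmt.Errorf("malformed header")
	}
	if header.Alg != "RS256" {
		return nil, fmt.Errorf("unexpected alg %q", header.Alg)
	}
	pub, ok := keys[header.Kid]
	if !ok {
		return nil, fmt.Errorf("no key for kid %q", header.Kid)
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	sig, err := b64.DecodeString(parts[2])
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) != nil {
		return nil, fmt.Errorf("signature check failed")
	}
	return b64.DecodeString(parts[1])
}

// RoundTrip plays both issuer and daemon: it mints a throw-away RSA key, publishes it in the
// JWKS shape from the PR, signs a token, verifies it with keys built only from that JWKS, and
// checks that a token whose claims segment was swapped is refused.
func RoundTrip() (string, bool, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, err
	}
	const kid = "example-key-1" // constructed identifier for this example
	set, _ := json.Marshal(map[string]interface{}{"keys": []jwk{{Kty: "RSA", Kid: kid,
		N: b64.EncodeToString(priv.N.Bytes()), E: b64.EncodeToString(big.NewInt(int64(priv.E)).Bytes())}}})
	keys, err := ParseJWKS(set)
	if err != nil {
		return "", false, err
	}
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT", "kid": kid})
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString([]byte(`{"sub":"build-client"}`))
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", false, err
	}
	got, err := VerifyRS256(input+"."+b64.EncodeToString(sig), keys)
	// Same header and signature, different claims: the signature no longer matches.
	forged := b64.EncodeToString(hdr) + "." + b64.EncodeToString([]byte(`{"sub":"someone-else"}`)) + "." + b64.EncodeToString(sig)
	_, tamperErr := VerifyRS256(forged, keys)
	return string(got), tamperErr != nil, err
}
```

Two choices matter for a storage daemon that will load this structure from its configuration: the key set is parsed eagerly so an unknown `kty` or an undecodable `n`/`e` surfaces at startup rather than as a rejected request later, and the token's `alg` is compared against the algorithm the key was published for instead of being trusted from the header.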

EdSchouten commented 1 year ago

Thanks!