buildbarn / bb-storage

Storage daemon, capable of storing data for the Remote Execution protocol
Apache License 2.0

JWT: Enable reading a JSON Web Key Set from a file #180

Closed mortenmj closed 10 months ago

mortenmj commented 11 months ago

This changes the JWKS configuration to be one of either inline content (as before) or a reference to a file.

To enable this, a new signature validator is added, the ForwardingSignatureValidator, which holds a pointer to some other validator that requests to ValidateSignature are forwarded to. We can replace this validator by calling Replace(). When periodically reading the content at the JWKS file path, this internal validator is updated to one containing the new JWKS content.
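
The pattern described above, as an added illustration that is not code from this pull request or from bb-storage: a forwarding validator whose inner validator is swapped only after the key file has parsed completely, so a missing, truncated or empty file leaves the previous keys in force. Only the names ForwardingSignatureValidator, ValidateSignature and Replace come from the description; the simplified SignatureValidator interface, hmacKeys, ReloadFromFile and the restriction to HS256 "oct" keys are assumptions made for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"os"
	"sync/atomic"
)

// SignatureValidator is a simplified, hypothetical stand-in for the project's interface.
type SignatureValidator interface {
	ValidateSignature(keyID, headerAndPayload string, signature []byte) bool
}

type hmacKeys map[string][]byte // hypothetical validator: HS256 with "oct" keys, by kid
func (k hmacKeys) ValidateSignature(keyID, headerAndPayload string, signature []byte) bool {
	mac := hmac.New(sha256.New, k[keyID])
	mac.Write([]byte(headerAndPayload))
	return len(k[keyID]) > 0 && hmac.Equal(mac.Sum(nil), signature) // unknown kid: reject
}

// ForwardingSignatureValidator forwards to an inner validator that Replace swaps atomically.
type ForwardingSignatureValidator struct{ inner atomic.Pointer[SignatureValidator] }
func (f *ForwardingSignatureValidator) ValidateSignature(keyID, hp string, sig []byte) bool {
	v := f.inner.Load() // nil until the first successful load: reject everything
	return v != nil && (*v).ValidateSignature(keyID, hp, sig)
}
func (f *ForwardingSignatureValidator) Replace(v SignatureValidator) { f.inner.Store(&v) }

// ReloadFromFile swaps in the keys at path; on any error the previous keys stay active.
func ReloadFromFile(f *ForwardingSignatureValidator, path string) error {
	var set struct{ Keys []struct{ Kty, Kid, K string } }
	data, err := os.ReadFile(path)
	if err != nil || json.Unmarshal(data, &set) != nil || len(set.Keys) == 0 {
		return fmt.Errorf("JWKS file %s unreadable, malformed or empty; keeping previous keys", path)
	}
	keys := hmacKeys{}
	for _, k := range set.Keys {
		if keys[k.Kid], err = base64.RawURLEncoding.DecodeString(k.K); err != nil || k.Kty != "oct" || len(keys[k.Kid]) == 0 {
			return fmt.Errorf("unsupported or malformed key %q; keeping previous keys", k.Kid)
		}
	}
	f.Replace(keys) // only a fully parsed key set ever becomes active
	return nil
}

func main() { fmt.Println(ReloadFromFile(&ForwardingSignatureValidator{}, os.Args[len(os.Args)-1])) }
```

A periodic refresh would call ReloadFromFile from a ticker loop and log the returned error; requests in flight keep using whichever inner validator they loaded.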

mortenmj commented 10 months ago

@EdSchouten any chance we could get this merged this week?

mortenmj commented 10 months ago

@EdSchouten ping