Closed ryanchapman closed 5 years ago
Add support for HS384 and HS512
Example envoy config that uses the HS384 key secret (to anyone reading this, your key should be at least 48 bytes (384/8=48), not 6):
secret
http_filters: - name: envoy.filters.http.jwt_authn config: providers: sample_jwt_provider: issuer: sample.com local_jwks: inline_string: "{\"keys\": [{\"kty\":\"oct\",\"k\":\"c2VjcmV0\",\"alg\":\"HS384\"}]}" forward: true forward_payload_header: "plain-authorization" rules: - match: prefix: /protect requires: provider_name: sample_jwt_provider
Example envoy config that uses the HS512 key secret (to anyone reading this, your key should be at least 64 bytes (512/8=64), not 6):
http_filters: - name: envoy.filters.http.jwt_authn config: providers: sample_jwt_provider: issuer: sample.com local_jwks: inline_string: "{\"keys\": [{\"kty\":\"oct\",\"k\":\"c2VjcmV0\",\"alg\":\"HS512\"}]}" forward: true forward_payload_header: "plain-authorization" rules: - match: prefix: /protect requires: provider_name: sample_jwt_provider
Add support for HS384 and HS512
Example envoy config that uses the HS384 key
secret(to anyone reading this, your key should be at least 48 bytes (384/8=48), not 6):Example envoy config that uses the HS512 key
secret(to anyone reading this, your key should be at least 64 bytes (512/8=64), not 6):