Open Voronar opened 1 year ago
I'm looking to implement a nested JWT approach for my application with JOSEkit.
It looks like this PR adds first-class support for nested JWTs. But from what I can tell, nothing is keeping me from writing a nested JWT into the claims section of a normal JWT.
Just curious about the context for this PR; it doesn't look like it's tied to an issue number. Is it likely to land?
I just wanted to make it according to the spec (https://datatracker.ietf.org/doc/html/rfc7519#appendix-A.2), where outer JWT payload is not actually serde_json::map::Map
, but a plain text (e.g. signed JWT).
Landing depends on the owner approvement.
Thanks for the explanation! That was helpful! ❤️
A bit hacky, but it works.