Nested JWT ad hoc implementation

hidekatsu-izuno / josekit-rs

JOSE (Javascript Object Signing and Encryption) library for Rust (based on OpenSSL).

Apache License 2.0

74 stars 31 forks source link

Nested JWT ad hoc implementation #22

Open Voronar opened 1 year ago

Voronar commented 1 year ago

A bit hacky, but it works.

RobbieMcKinstry commented 1 year ago

I'm looking to implement a nested JWT approach for my application with JOSEkit.

It looks like this PR adds first-class support for nested JWTs. But from what I can tell, nothing is keeping me from writing a nested JWT into the claims section of a normal JWT.

Just curious about the context for this PR; it doesn't look like it's tied to an issue number. Is it likely to land?

Voronar commented 1 year ago

I just wanted to make it according to the spec (https://datatracker.ietf.org/doc/html/rfc7519#appendix-A.2), where outer JWT payload is not actually serde_json::map::Map, but a plain text (e.g. signed JWT). Landing depends on the owner approvement.

RobbieMcKinstry commented 1 year ago

Thanks for the explanation! That was helpful! ❤️