Closed hop-along-polly closed 3 months ago
Nice work on the details! I'm getting reacquainted with JWTs again so this may be a stupid question, but what's the benefit over base64 or some hashing alg?
I liked that a JWT can easily be decoded with jwt.io so you can see what the request/response is and it has built in validation that nothing in the body has changed. It also makes it really easy to query for that record, but I suppose base64 or MD5 can do that as well. Originally I thought about MD5
Just trying to close up the finished work, feel free to reopen if more is needed.
Context
While prototyping AlwaysON I hardcoded a manifest JSON file on the Server side. This of course is not how AlwaysON will work in production. Instead it needs to use the HTTP exchanges stored in MongoDB when a Manifest is uploaded to the
/manifests
endpoint.Feature Request
When an HTTP Request is received by the GET Echo endpoint it needs to create a JWT from the incoming request, look up that JWT in MongoDB and respond with the configured Response.
Considerations
Some Requests will be configured with multiple responses. When AlwaysON sends a response it needs to keep track of how many times that Request has been received so the correct response is returned on subsequent calls.