joken-elixir / joken_jwks

A Joken 2 hook for fetching the signer from a public JWKS url
Apache License 2.0

Joken JWKS version 2.0 #43

Open victorolinasc opened 1 year ago

victorolinasc commented 1 year ago

This library is around 5 years old currently and not only my understanding of the environment and language has hopefully evolved but also the uses of JWKS and the understanding of the spec itself is better nowadays. So, I think it is time we discuss a bit about a 2.0 version.

Current breaking issues are:

These have to be tackled either way (breaking or not).

Some others I think are important:

I will have time to work on these in May. If anybody has any other issues that they would like to see added here, please join the discussion :)

victorolinasc commented 3 months ago

We are about a year past this... unfortunately a few things happened that pushed me away a bit from the OSS work... changed jobs, lived abroad for a while, currently working with a different stack... in the meantime also a sad thing happened. I had a working version of a pure Elixir JWT library that I stupidly lost in a switch of machines...

So, all in all, just wanted to let people know that I am slowly regaining time to rework my way through these discussions and will re-code a pure Elixir version of a JWT library... it will take time but key validation through x509 will be built-in (with an additional optional dep of x509 of course...).

After that I hope to come back to a 2.0 version of jwks. In the meantime I will probably release a new version with the new process structure currently in master.

For anyone watching this issue, thanks for your patience! OSS is rewarding in many ways but I can't live off of it for now so I have to do with the little spare time here (but I plan on becoming a Linux kernel developer for retirement... that is still some decades away hopefully...).

I am still looking at all issues and if any nasty one appears I try to make some room to help and not let this get stuck.