search

krakend / krakend-ce

KrakenD Community Edition: High-performance, stateless, declarative, API Gateway written in Go.
https://www.krakend.io
Apache License 2.0
1.94k stars 453 forks source link

Complex keys in the "keys_to_sign" property #852

Open ridgarou opened 7 months ago

ridgarou commented 7 months ago

Version of KrakenD you are using v2.5.0

Description I have a backend service that, upon login, returns the _accesstoken in a nested object and I would like to sign it with the JWT signing functionality. 

{
  "user": {
    "access_token": {
                "aud": [ "xxxxxxxxxxxxxxxxxxxxxx" ],
                "exp": 1709545713,
                "iat": 1709542113,
                "jti": "e1436772-d038-4488-8870-127d35833c1c",
                "nbf": 1709542113,
                "scope": "xxxxxxxxxxxxxxxxxxxxxx-yyyyyyyy",
                "sub": "6a792e214a3ca1e4b1d90d6b301c8babc89415cc",
            },
            "expires_at": 1709545713655
  }
}

Problem The JWT signing functionality only allows you to specify properties to sign in keys_to_sign that are at the root of the main object. In this case, the _accesstoken property is nested within the user object.

Is there a way to sign the _user.accesstoken property with the JWT signing functionality?

alombarte commented 7 months ago

Hello @ridgarou , this functionality is not currently supported

ridgarou commented 7 months ago

Thanks for the response. I understand that this functionality is not currently available. I would like to know if it would be possible to implement it in the future.

I think this would be very useful for users who need to sign tokens with more complex object structures.

alombarte commented 7 months ago

I will leave this issue open for a while so people can upvote the functionality with a :+1: . It is the first time I've seen this requirement in six years, so I don't think it is very common among KrakenD users, but let's see what the community says