krakend / krakend-documentation

All the documentation under http://www.krakend.io/docs/
Apache License 2.0

Add some more detail in using the bloom filter to reject tokens #188

Closed bholten closed 1 year ago

bholten commented 1 year ago

Hola!

We are happily using KrakenD and had a use-case for revoking tokens via bloom filter.

We were rather surprised by the API of the open source bloom filter library -- the client requires a specific format for the byte arrays added via the client: the key, in our case jti; and the value, separated by a hyphen (-). This makes sense, I am sure KrakenD is internally using the key-value format to know what field to look up in the JWT.

This was not documented (that I could see) except in the example at the very excellent KrakenD playground, which is where we figured it out: see https://github.com/krakendio/playground-community/blob/24befb7dd8f08102804e5746b73ab690649696c5/images/jwt-revoker/main.go#L30

I'm happy to take a stab at adding it to the docs (maybe here? https://github.com/krakendio/krakend-documentation/blob/master/v2.1/authorization/revoking-tokens.md).

But also, the bloom filter client functions take byte arrays, perhaps the API of the client itself should make it more clear, and do the hyphenating behind the scenes?
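
As an added illustration of the format described in this comment (not code from KrakenD, the playground, or the bloom filter client library), the Go below builds the `<claim>-<value>` byte slice a revoker would hand to the client, reading the `jti` from a token's payload first. The function names are hypothetical, the client's own add call is not shown, and the sample token is constructed inline; the claim reader deliberately does no signature verification, so it should only be applied to tokens that have already been validated elsewhere:

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// RevocationKey builds the bytes in the form the issue describes for the
// bloom filter client: claim name, a hyphen, then the claim value.
// Hypothetical helper, not part of KrakenD.
func RevocationKey(claim, value string) ([]byte, error) {
	if claim == "" || value == "" {
		return nil, errors.New("claim name and value must be non-empty")
	}
	return []byte(claim + "-" + value), nil
}

// ClaimFromJWT reads one string claim from the payload segment of a compact
// JWS (header.payload.signature). It does NOT verify the signature; it only
// decodes the payload so a revoker can build the key for an already
// validated token.
func ClaimFromJWT(token, claim string) (string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return "", errors.New("token is not a compact JWS")
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return "", fmt.Errorf("decoding payload: %w", err)
	}
	var claims map[string]interface{}
	if err := json.Unmarshal(raw, &claims); err != nil {
		return "", fmt.Errorf("parsing claims: %w", err)
	}
	v, ok := claims[claim].(string)
	if !ok || v == "" {
		return "", fmt.Errorf("claim %q missing or not a string", claim)
	}
	return v, nil
}

// RevocationKeyFromJWT combines both steps: extract the claim (jti here)
// and produce the "<claim>-<value>" bytes to add to the filter.
func RevocationKeyFromJWT(token, claim string) ([]byte, error) {
	v, err := ClaimFromJWT(token, claim)
	if err != nil {
		return nil, err
	}
	return RevocationKey(claim, v)
}

func main() {
	// Constructed sample token: header {"alg":"none"}, payload with a jti,
	// and an empty signature segment. Not a real issued token.
	header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"none"}`))
	payload := base64.RawURLEncoding.EncodeToString([]byte(`{"jti":"abc123","sub":"user"}`))
	token := header + "." + payload + "."

	key, err := RevocationKeyFromJWT(token, "jti")
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("%s\n", key) // jti-abc123
}
```

The resulting bytes (`jti-abc123` for the sample) are what would be passed to the client's add operation; the empty-value check matters because a token without a `jti` would otherwise produce a key that matches nothing.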

alombarte commented 1 year ago

Hi @bholten,

Please feel free to add this in the docs. The correct document would be this one: https://github.com/krakendio/krakend-documentation/blob/master/authorization/revoking-tokens.md

The open-source version does not emphasize this much, as the EE has the revoke server, which already provides a REST API to perform these operations.

The RPC client you have seen in the playground is low-level code and reflects the same semantics of the bloomfilter. Perhaps a high-level client could be coded, but the connectivity issues need to be handled then.

alombarte commented 1 year ago

Thanks for your contribution @bholten, closing the issue