netlify / git-gateway

A Gateway to Git APIs
MIT License
404 stars 89 forks

Allow for RS256 Token Signing #33

Open andrew-womeldorf opened 5 years ago

andrew-womeldorf commented 5 years ago

Closes Issue #32

- Summary

This adds the RS256 Signing Method to the valid Parser methods in api/auth.go.

There are two new properties on the JWTConfiguration struct: Method and Keyfile. Secret is no longer required, since the RS256 method will be looking at the Keyfile property. The Keyfile should be a path to a public keyfile.

Since Method is a new property, it is not required, so as to maintain backwards compatibility. api/auth.go defaults to HS256 when that property is not present.

- Motivation

I'm using a non-GoTrue authentication service which does not currently support HMAC signing of access tokens - only RSA.

- Test plan

Existing instances of Git Gateway should continue to function normally upon update.

Using RS256:

.env

GITGATEWAY_JWT_SIGNING_METHOD="RS256"
GITGATEWAY_JWT_KEYFILE="key.pub"

key.pub

-----BEGIN PUBLIC KEY-----
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
........
-----END PUBLIC KEY-----

- Description for the changelog

Allow for tokens to be signed with RS256

- A picture of a cute animal (not mandatory but encouraged)
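
An added example (not code from this pull request or from git-gateway) of the check the description above depends on: the verifier takes the signing method from configuration, falls back to HS256 when none is set, and rejects any token whose header names a different algorithm, so the public keyfile is only ever used for RSA verification. It uses only the Go standard library and checks the signature alone, not the claims; `JWTConfig`, `KeyPEM` and `Verify` are hypothetical names, and `KeyPEM` holds the keyfile's contents rather than its path.

```go
package main

import (
	"crypto"
	"crypto/hmac"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"encoding/pem"
	"fmt"
	"strings"
)

type JWTConfig struct { // hypothetical stand-in for the PR's Method/Secret/Keyfile settings
	Method         string // "" falls back to HS256
	Secret, KeyPEM []byte // HMAC secret; PEM contents of the public keyfile
}

func Verify(cfg JWTConfig, token string) error { // signature check only, pinned to the configured method
	method := cfg.Method
	if method == "" {
		method = "HS256"
	}
	h, rest, _ := strings.Cut(token, ".")
	body, s, ok := strings.Cut(rest, ".")
	var hdr struct{ Alg string }
	raw, err1 := base64.RawURLEncoding.DecodeString(h)
	sig, err2 := base64.RawURLEncoding.DecodeString(s)
	if !ok || err1 != nil || err2 != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != method {
		return fmt.Errorf("rejected: token must be well-formed and carry alg %s", method)
	}
	signed := []byte(h + "." + body)
	if method == "HS256" && len(cfg.Secret) > 0 { // an empty secret never verifies anything
		mac := hmac.New(sha256.New, cfg.Secret)
		mac.Write(signed)
		if hmac.Equal(sig, mac.Sum(nil)) {
			return nil
		}
	} else if block, _ := pem.Decode(cfg.KeyPEM); method == "RS256" && block != nil {
		pub, _ := x509.ParsePKIXPublicKey(block.Bytes) // on error pub is nil and the assertion fails
		if k, ok := pub.(*rsa.PublicKey); ok {
			digest := sha256.Sum256(signed)
			return rsa.VerifyPKCS1v15(k, crypto.SHA256, digest[:], sig)
		}
	}
	return fmt.Errorf("%s verification failed or key material missing", method)
}
func main() { fmt.Println(Verify(JWTConfig{Method: "RS256"}, "not.a.token")) }
```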