Closed by Sovietaced 4 months ago
Took a first shot at this and it is quite disruptive to many of the APIs and interfaces :/
Decided to roll my own verifier with support for OpenTelemetry: https://github.com/Sovietaced/okta-jwt-verifier
I also wrote a verifier of my own for similar reasons (although it's not quite as much of a drop-in replacement as yours 😄 ): https://github.com/dbellinghoven/okta-jwt-verifier
I was debugging a latency issue with token validation and thought it would be nice if this library had support for telemetry context propagation. From what I've seen in the source code, the primary use case for telemetry would be the retrieval of the JSON web keys, which requires a network hop to the Okta servers (and potential latency to token validation).
Although there is support for a pluggable HTTP client, an HTTP client that supports distributed tracing will not be able to link the request for the JSON web keys to any other distributed tracing spans since the HTTP client is not passed any context when a request is made.
I'm happy to file a pull request for this.
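The gap described in this issue, as an added Go example that is not code from the library or from either linked verifier: an instrumented transport can only attribute the JSON web key request to a caller's trace if the request carries the caller's `context.Context`. The names `traceKey`, `tracingTransport`, `fetchKeys` and the URL are hypothetical, and the transport returns a constructed empty key set instead of touching the network.

```go
package main

import (
	"context"
	"fmt"
	"io"
	"net/http"
	"strings"
)

// traceKey is a hypothetical stand-in for the span a tracing library stores in a context.
type traceKey struct{}

// tracingTransport mimics an instrumented client: it sees a trace only via the request context.
type tracingTransport struct{ seen []string }
func (t *tracingTransport) RoundTrip(r *http.Request) (*http.Response, error) {
	id, _ := r.Context().Value(traceKey{}).(string)
	t.seen = append(t.seen, id) // "" means the request cannot be linked to any span
	body := io.NopCloser(strings.NewReader(`{"keys":[]}`)) // constructed JWKS response
	return &http.Response{StatusCode: 200, Header: http.Header{}, Body: body, Request: r}, nil
}

// fetchKeys retrieves the key set, attaching the caller's context to the outgoing request.
func fetchKeys(ctx context.Context, c *http.Client, url string) ([]byte, error) {
	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
	if err != nil {
		return nil, err
	}
	resp, err := c.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	return io.ReadAll(resp.Body)
}

// demo fetches once with a bare context (all a context-less API can offer) and once traced.
func demo() []string {
	tr := &tracingTransport{}
	c := &http.Client{Transport: tr}
	traced := context.WithValue(context.Background(), traceKey{}, "trace-1234")
	for _, ctx := range []context.Context{context.Background(), traced} {
		if _, err := fetchKeys(ctx, c, "https://idp.example.invalid/keys"); err != nil {
			panic(err)
		}
	}
	return tr.seen
}

func main() { fmt.Printf("%q\n", demo()) }
```

Passing the context also lets the caller's deadline or cancellation bound the key fetch, so a slow response from the key endpoint does not stall token validation indefinitely.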