pact-foundation / roadmap

Developer Relations @ Pact - Your map to the Pact landscape for all-comers (maintainers, contributors, users, newbies)
https://pact.io/
MIT License
41 stars 7 forks source link

Support JWT Validation #82

Open canny[bot] opened 4 months ago

canny[bot] commented 4 months ago

(requested on behalf of a customer)

The use case I wanted to highlight with Pact was to verify the JWT OAuth token structure in the header. We have already dealt with mocking credentials/bypassing credentials in a previous company but the issue we faced here are that the contents of the token kept changing (weird yes, but hence wanting to use this tool to show the value).

I wanted to make sure that the JWT token contents itself were validated via Pact. If that is not “reasonable” fine, but I was hoping there was an example of header decoding and verification. Specifics are that JWT is base64 encoded, the structure and contents of the token are mappable and verifiable, and we want to make sure the header contents when decoded are correct or when they do change it fails. Theoretically the token contents shouldn’t change frequently, but we’ve had it change enough times that it barely made it in as something I’d like to test with Pact and enforce via the contracts.

https://pact.canny.io/admin/board/feature-requests/p/support-jwt-validation

canny[bot] commented 4 months ago

This issue has been linked to a Canny post: Support JWT Validation :tada: