Add support for decoding JWT tokens

urbanplatform / django-keycloak-auth

Middleware to allow authorization using Keycloak and Django for django-rest-framework (DRF). This package should only be used in projects starting from scratch, since it overrides the users' management.

MIT License

32 stars 14 forks source link

Add support for decoding JWT tokens #1

Closed moritz89 closed 2 years ago

moritz89 commented 2 years ago

Since the JWT tokens are signed, it is possible to create a parallel code path to introspecting tokens with the server. This would reduce the load on the Keycloak server and reduce the latency for requests.

I have implemented and tested this and if there is interest, I would gladly upstream the changes.

The introspection code path is preserved and can be toggled with a setting flag.

ftcardoso commented 2 years ago

Hi @moritz89!

Sure, you can upstream the changes, we gladly accept all the help. For now, keep them in a separate branch and then we can merge into the main.

moritz89 commented 2 years ago

You mentioned branch. Should I create a pull request or what is your preferred method?

ftcardoso commented 2 years ago

Yes, pull request. Thanks!