verifyJwt as the complement to signJwt #1

Open
opened 2020-01-13 20:28:43 +00:00 by Ghost · 4 comments

Would you support adding a verifyJwt function to the library?
I'm currently using this library on a node service that I want to accept self-issued tokens. So they are signed with a key that is sent in the `sub_jws` field.

https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued

Owner

I have the fetching and verification pieces over at
https://git.coolaj86.com/coolaj86/keyfetch.js

I'd prefer to put it over there... if it can fit.

However, I wasn't aware of the special case of https://self-issued.me.

Also, it appears that the JWK thumbprint there is at odds with the other thumbprint standard which specifies that the SHA-XXX should match that of the key's length (which for all practical purposes in 2020 is 256, but in the future could be 384 or 512).

Author

That looks like a sensible separation. Maybe a note in the docs to say it exists?

The https://self-issued.me part of the spec is very interesting. I'm trying to use it to create an OAuth provider which cannot track sign ins.

(P.S. Is it possible to use this library and set the extractable option on keys to false?)

Owner

Yeah, I'm surprised I don't have it linked already. I'll keep that on my TODO list.

As far as setting the extractable option to false, I'd say just wrap the function and delete the property. These things have too many options.

Author

Is it also possible to use keyfetch from a CDN? I was looking for it on rootprojects.org but cannot find it.
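
Added example, not part of the thread and not code from keypairs.js or keyfetch.js: one way to verify the self-issued tokens discussed above using only Node's built-in `crypto`, including the check that `sub` is the thumbprint of the embedded key. It assumes ES256 tokens, the `sub_jwk` claim name and SHA-256 thumbprint rule from the linked OpenID Connect Core section, and a hypothetical relying-party URL `https://rp.example/cb`; all function names are illustrative.

```javascript
// Added example: verify an OpenID Connect self-issued ID token (ES256 only).
const crypto = require('node:crypto');

const b64u = (buf) => Buffer.from(buf).toString('base64url');
const parse = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));

// SHA-256 over the required EC members, lexicographic order, no whitespace.
function ecThumbprint(jwk) {
  const canonical = JSON.stringify({ crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y });
  return b64u(crypto.createHash('sha256').update(canonical, 'utf8').digest());
}

function verifySelfIssued(token, expectedAud, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed JWS');
  const header = parse(parts[0]);
  const claims = parse(parts[1]);
  // Pin the algorithm: the token must not choose it (blocks "none" and alg confusion).
  if (header.alg !== 'ES256') throw new Error('unexpected alg');
  if (claims.iss !== 'https://self-issued.me') throw new Error('unexpected iss');
  if (claims.aud !== expectedAud) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  const jwk = claims.sub_jwk;
  if (!jwk || jwk.kty !== 'EC' || jwk.crv !== 'P-256') throw new Error('unsupported sub_jwk');
  // Import only the public members so a stray private "d" is never used.
  const key = crypto.createPublicKey({ key: { kty: 'EC', crv: 'P-256', x: jwk.x, y: jwk.y }, format: 'jwk' });
  const ok = crypto.verify('sha256', Buffer.from(parts[0] + '.' + parts[1]),
    { key, dsaEncoding: 'ieee-p1363' }, Buffer.from(parts[2], 'base64url'));
  if (!ok) throw new Error('bad signature');
  // A valid signature only proves possession of some key; sub must bind to that key.
  if (claims.sub !== ecThumbprint(jwk)) throw new Error('sub does not match sub_jwk thumbprint');
  return claims;
}

// Constructed sample input: a throwaway key pair and a token signed with it.
function makeSampleToken(overrides = {}) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const { crv, kty, x, y } = publicKey.export({ format: 'jwk' });
  const sub_jwk = { crv, kty, x, y };
  const claims = { iss: 'https://self-issued.me', aud: 'https://rp.example/cb',
    exp: Math.floor(Date.now() / 1000) + 300, sub_jwk, sub: ecThumbprint(sub_jwk), ...overrides };
  const input = b64u(JSON.stringify({ alg: 'ES256', typ: 'JWT' })) + '.' + b64u(JSON.stringify(claims));
  const sig = crypto.sign('sha256', Buffer.from(input), { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return input + '.' + b64u(sig);
}
```

Because anyone can mint such a token, the relying party learns only that the presenter holds the key behind `sub`; a nonce or other replay protection is still needed on top of this check.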

Reference: coolaj86/old-keypairs.js#1