-
-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for List of JWKS URLs #72
Comments
Thank you for opening this issue, @aklinkert. It looks like the specific request in this issue is to accept multiple HTTPS URLs for separate JWKS as arguments. Let me know if I read that incorrectly. I currently do not have plans to change Click for details about why this would be a new function.This is primarily because of According to RFC 7517 Section 4.5:
While this language isn't strong, it does imply the I do see the value in a generalized I agree with your decision to not use the What is your opinion on the default behavior of key ID collisions? An error? Selecting the first one silently? Should a package user of |
Thank you for the quick response @MicahParks!
That is absolutely correct! 💯 I also do agree that it would be better to add an additional method/struct to support multiple JWKS URLs instead of modifying the existing
Uhm, I would leave the decision to the package user, it will depend on the usage. For my case it's not an issue as we're using
As far as I can tell this is not more fiber specific than the matching of If you want I can try to open a PR with what I have so far, otherwise you can use my code if you want and start from there :) However you like! Best, |
Thank you for your input. A pull request would be very welcome! |
@aklinkert, I'd like to invite you to review #78. I believe this PR addresses this issue. |
Hi @MicahParks,
I am using JWKS in a service-to-service token communication and would prefer to use
keyfunc
over the default implementation in https://github.com/gofiber/jwt. In order to have a list of trusted JWKS (one per service) this package would need to accept multiple JWKS endpoints natively.Right now I am bridging the gap by creating one keyfunc per endpoint and iterating all of the keyfuncs, where
trustedJWKSEndpoints
holds a[]string
of trusted JWKS endpoints.Thank you for providing this library!
Best,
Alex
This is what I am doing right now:
The text was updated successfully, but these errors were encountered: