ghinstallation icon indicating copy to clipboard operation
ghinstallation copied to clipboard
verified publisher icon bradleyfalzon

Allow JWT signing method to be configurable.

Open wlynch opened this issue 3 years ago • 2 comments

This change creates a new Signer interface which encapsulates jwt.SigningMethod + the key material use to sign JWT tokens.

This allows clients to modify how JWT tokens are signed by passing in their own Signer. In particular, I'm interested in coupling this with something like https://github.com/golang-jwt/jwt#extensions to allow for JWT signing backed by KMS systems (Vault, Cloud KMS, etc) where the private key never resides on the local client.

Introduces a new AppsTransportOptions to make it easier to make new transport creation options without needing to make new funcs each time. For now only added WithSigner, but we could easily extend this out to other config options (Client, BaseURL, etc.)

Finally, upgrades deprecated jwt.StandardClaims -> jwt.RegisteredClaims.

wlynch avatar Sep 28 '22 22:09 wlynch

This looks good and the I like the AppsTransportOptions. The smallest nit would be whether you wanted to add something to README.

bradleyfalzon avatar Sep 30 '22 03:09 bradleyfalzon

Sure thing! Coming right up.

wlynch avatar Oct 04 '22 16:10 wlynch

@bradleyfalzon This is good for another look! 🙏

wlynch avatar Oct 17 '22 14:10 wlynch

@bradleyfalzon ping for review

wlynch avatar Nov 03 '22 19:11 wlynch

Sorry @wlynch! I've completely missed this, should we merge? It looks good to me.

bradleyfalzon avatar Apr 07 '23 04:04 bradleyfalzon

oh sure! (I also forgot about this 😅 )

wlynch avatar Apr 07 '23 16:04 wlynch