jwt icon indicating copy to clipboard operation
jwt copied to clipboard

Published 20 hours ago verified publisher icon gofiber

Feature/multiple jwks urls

Open vmantese opened this issue 2 years ago • 3 comments

This PR includes two parts, one discovered while implementing the feature.

  1. A fix for a nil deref bug where Config.KeyRefreshUnknownKID is checked when possibly nil.
  2. The feature to add multiple keyset urls. I have encountered this personally when using Azure AD to auth machine users and Azure B2C to auth users. When similar key ids are encountered across urls they are overwritten in no guaranteed order(as of right now)

vmantese avatar Jun 22 '22 03:06 vmantese

@ReneWerner87 Please let me know if there are any steps to contribution that I am missing.

vmantese avatar Jun 22 '22 03:06 vmantese

@vmantese pls check https://github.com/gofiber/jwt/runs/7227747792?check_suite_focus=true

ReneWerner87 avatar Jul 07 '22 06:07 ReneWerner87

@ReneWerner87 I have logged the swallowed error, gosec should be good now

vmantese avatar Aug 12 '22 14:08 vmantese

@ReneWerner87 Please let me know if there is anything that I am missing.

vmantese avatar Aug 31 '22 03:08 vmantese

ok thx, will later look at it

ReneWerner87 avatar Aug 31 '22 06:08 ReneWerner87

@vmantese i tried to improve the config part a little bit https://github.com/gofiber/jwt/pull/94/commits/f1370e1ce22013ec23c7b635f34e469e929c2a7e

can you check? and after your approval i will merge

ReneWerner87 avatar Sep 05 '22 11:09 ReneWerner87