jwt
jwt copied to clipboard
Feature/multiple jwks urls
This PR includes two parts, one discovered while implementing the feature.
- A fix for a nil deref bug where Config.KeyRefreshUnknownKID is checked when possibly nil.
- The feature to add multiple keyset urls. I have encountered this personally when using Azure AD to auth machine users and Azure B2C to auth users. When similar key ids are encountered across urls they are overwritten in no guaranteed order(as of right now)
@ReneWerner87 Please let me know if there are any steps to contribution that I am missing.
@vmantese pls check https://github.com/gofiber/jwt/runs/7227747792?check_suite_focus=true
@ReneWerner87 I have logged the swallowed error, gosec should be good now
@ReneWerner87 Please let me know if there is anything that I am missing.
ok thx, will later look at it
@vmantese i tried to improve the config part a little bit https://github.com/gofiber/jwt/pull/94/commits/f1370e1ce22013ec23c7b635f34e469e929c2a7e
can you check? and after your approval i will merge