jwt
jwt copied to clipboard
golang-jwt
Add support for JWK (RFC7517)
Migrated from https://github.com/dgrijalva/jwt-go/issues/249:
dgrijalva commented on Mar 8, 2018
How far down the rabbit hole should we go with this?
See the issue thread for more details
This is a very large undertaking in the scope of this package IMO (as it has way more responsibilities including performing HTTP requests). Should we decide to implement this, I believe it should be done in a separate package using this one
I wrote a package for creating a jwt.Keyfunc. It's github.com/MicahParks/keyfunc.
This package does not create a JSON Web Key set (JWKs). It's only used for validating JWTs signed by a JSON Web Keys in the set. It can optionally grab and automatically refresh the JWKs via HTTP with a couple configuration options.
It's currently a separate package that supports a few github.com/dgrijalva/jwt-go forks including this one. Each fork must be explicitly supported as the signature of jwt.Keyfunc contains an argument that is a Go struct, *jwt.Token, not an interface implementation.
type Keyfunc func(*Token) (interface{}, error)
I'd be happy to contribute a modification of my keyfunc package to this repository, if requested. This would not bring the repository to fully supporting JWKs though, as I don't believe it has the ability to create one.
Here's the example from the original issue.
It would be interesting to support JWKs ~url~ file as a key in the jwt tool.
