ruby-jwt icon indicating copy to clipboard operation
ruby-jwt copied to clipboard

Published 20 hours ago verified publisher icon jwt

Introduce JWE support

Open soumyaray opened this issue 9 years ago • 11 comments

Great gem! Any plans in the roadmap to add JWE support to encrypt payloads?

soumyaray avatar May 28 '15 13:05 soumyaray

This would be great feature to be introduced. The JWE spec is quite large and supports a lot of algorithms. This could be great enhancement for version 2.0. Are you willing to provide some help to introduce this feature? We are always looking for people to do some code reviews, test the features introduced in the master branch or to improve the documentation.

excpt avatar Jun 02 '15 15:06 excpt

Welp! what did I get myself into? But yes, I'm happy to take a look into JWE. BTW, how do you see the direction of ruby-jwt differ from json-jwt?

soumyaray avatar Jun 02 '15 23:06 soumyaray

There's no difference in using jwt over json-jwt. In the end it's what you prefer to use a more OOP style approach to implement the JWT specs or the more chaotic way we currently have ;)

excpt avatar Jun 06 '15 12:06 excpt

Is anyone actively working on this? If not, I may take a stab.

aj-michael avatar Jul 20 '15 19:07 aj-michael

@aj-michael I'm looking forward to your work!

kenzan100 avatar Dec 05 '15 10:12 kenzan100

I've just published a gem to encrypt and decrypt JWE ciphertexts. It does not support all the key management methods listed by its specification but I think it would be a good fit for this job. See: https://github.com/aomega08/jwe

francescobbo avatar Jan 13 '16 13:01 francescobbo

@aomega08 Thanks for the contribution to the open source community. :+1: :tada:

I will check your gem if it fits into the library and if we may add it as a dependency in the 2.0 version.

excpt avatar Jan 13 '16 13:01 excpt

Hey @excpt, any news on this? Have you got any idea of how to integrate the two gems?

francescobbo avatar Apr 18 '16 18:04 francescobbo

Ahoy @aomega08,

I think we should keep the gems independent and provide an interface to integrate the encryption part of JWT into the ruby-jwt gem. Other libs may want to use your gem too.

If you're interested we can move your jwe gem repo into this jwt organization and rename the repo to ruby-jwe. You keep all your administrative permission. If you have further questions - send me a mail (bottom of README.md or my profile.). :)

excpt avatar Apr 19 '16 08:04 excpt

Hi there,

is this feature currently being developed? I see that the repo was moved to the jwt organization, so it seems some work has been done. I would like to use it for warden-jwt_auth and devise-jwt gems so that users can encrypt their JWT in case they want to put something private for use during authentication. It would be nice to have it integrated here so we don't have to reinvent the wheel in other libraries :smile:

waiting-for-dev avatar Feb 26 '18 17:02 waiting-for-dev

@waiting-for-dev Unfortunately, this feature is not in active development.

excpt avatar Mar 22 '18 22:03 excpt