oauth2-rs icon indicating copy to clipboard operation
oauth2-rs copied to clipboard
verified publisher icon ramosbugs

Add support for RFC 9068

Open gibbz00 opened this issue 1 year ago • 3 comments

RFC 9068: JWT Profile for OAuth 2.0 Access Tokens: tools.ietf.org/html/rfc9068

Suppose it would be something similar to: openidconnect::IdTokenClaims. I can begin to draft a PR if the addition seems reasonable.

gibbz00 avatar May 09 '24 08:05 gibbz00

From only taking a very brief look at how this can be implemented:

There are some helpers and lots of JWK/JWT/... functionality in the openidconnect crate which implement parts of RFC7519. RFC9098 uses it too. One option would be to create a helper crate which both oath2 and openidconnect depend on. Or one could move helpers.rs to oath2, for example.

Suppose @ramosbugs has the final say in this.

gibbz00 avatar May 09 '24 12:05 gibbz00

Sketched a partial implementation downstream for anyone interested in copying it for their own use:

https://github.com/gibbz00/amigo/blob/experimentation/crates/utils/jwt-access-token/src/token.rs

gibbz00 avatar May 09 '24 17:05 gibbz00

See https://github.com/ramosbugs/openidconnect-rs/issues/160#issuecomment-2063885944

JWT functionality adds significant complexity that I don't want to add as a maintenance burden to this crate. Instead, it can be built as a separate crate on top of this one and maintained separately, similar to my openidconnect crate.

ramosbugs avatar May 09 '24 18:05 ramosbugs

Aight, ok with that 😊

gibbz00 avatar May 15 '24 11:05 gibbz00