storage icon indicating copy to clipboard operation
storage copied to clipboard

Published 20 hours ago verified publisher icon supabase

fix(jwt): support multi-algorithm of JWT verify

Open xenirio opened this issue 3 years ago • 1 comments

What kind of change does this PR introduce?

  • To make supabase storage support multiple JWT verify algorithm (e.g. RS256)
  • To support base64 ofPGRST_JWT_SECRET

What is the current behavior?

The verifyJWT function does not support RS256 here https://github.com/supabase/storage-api/blob/9bf39cd2b5f897b55b60a4af7cadc8b5f53b33af/src/utils/index.ts#L37

What is the new behavior?

The verifyJWT function support RS256 and other algorithms.

xenirio avatar Aug 11 '22 09:08 xenirio

@xenirio thanks for the contribution!

The PR looks good, the only thing I'm not convinced yet is to allow base64 encoded parameters. Probably would be better to decode the string upstream

PGRST_JWT_SECRET="$(echo $PGRST_JWT_SECRET | base64 -d) node index.js

fenos avatar Aug 25 '22 14:08 fenos

@fenos I've updated my PR by remove PGRST_JWT_SECRET_IS_BASE64. Please check.

Thank you.

xenirio avatar Oct 03 '22 03:10 xenirio

Hey @xenirio looks good! Was about to merge but there is some linting that prevents me to do that. Can you please run prettier on the files:

warn] src/utils/config.ts
[warn] src/utils/index.ts

fenos avatar Oct 21 '22 10:10 fenos

I will merge and run prettier on it 👍

fenos avatar Oct 25 '22 10:10 fenos

:tada: This PR is included in version 0.24.1 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket:

github-actions[bot] avatar Oct 25 '22 10:10 github-actions[bot]