vouch-proxy icon indicating copy to clipboard operation
vouch-proxy copied to clipboard

Published 20 hours ago verified publisher icon vouch

Validate tokens using JWKS

Open simongottschlag opened this issue 5 years ago • 7 comments

Hi,

We should add functionality to validate the tokens received from the OpenID Providers. Either add jwks_uri or using the discovery document. I'm not sure they are validated as of now.

simongottschlag avatar Feb 06 '19 14:02 simongottschlag

Yes I agree. I don't think it is validating the token after checking existence of token yet. Is validation function coming up soon? I appreciate your implementation schedule for it.

csckhw303 avatar May 07 '19 20:05 csckhw303

Hello,

Are there any updates on this one, I would be needing this feature as current all JWT tokens are being accepted.

prateek2408 avatar Jun 04 '20 07:06 prateek2408

I see this being implemented after #41

@prateek2408 are you interested in working on this feature along with #41? PRs welcome.

bnfinet avatar Jun 04 '20 18:06 bnfinet

@bnfinet - I can definitely work on this one.

prateek2408 avatar Jun 05 '20 04:06 prateek2408

That's wonderful @prateek2408. Do let me know if I can be of assistance.

bnfinet avatar Jun 05 '20 17:06 bnfinet

@simongottschlag I'm going to reopen this one. I'm pushing on #41 OIDC discovery right now and hope to tackle some aspect of this at the same time.

bnfinet avatar Nov 23 '20 20:11 bnfinet

@bnfinet great! 😁👍

simongottschlag avatar Nov 23 '20 20:11 simongottschlag