Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support getting of JWKS from local file system for JWT verification purposes #614

Open
3 tasks done
dadrus opened this issue May 8, 2023 · 0 comments
Open
3 tasks done

Support getting of JWKS from local file system for JWT verification purposes #614

dadrus opened this issue May 8, 2023 · 0 comments
Labels
feature Used for new features
Milestone
Future

Comments

@dadrus
Copy link
Owner

dadrus commented May 8, 2023

Preflight checklist

Describe the background of your feature request

Some systems use symmetric keys to sign JWTs. Even symmetric keys can be used by heimdall to verify the corresponding mac, the only currently supported way to get such keys is via an JWKS endpoint. Obviously, exposing symmetric keys via an endpoint is a bad idea.

Describe your idea

Allow heimdall to fetch JWK documents not only from endpoints, but also from the local file system.

Are there any workarounds or alternatives?

No

Version

v0.7.0-alpha

Additional Context

No response
@dadrus dadrus added the feature Used for new features label May 8, 2023
@dadrus dadrus added this to the v0.8.0-alpha milestone May 8, 2023
@dadrus dadrus changed the title Support retriaval of JWKS from local file system Support getting of JWKS from local file system May 8, 2023
@dadrus dadrus changed the title Support getting of JWKS from local file system Support getting of JWKS from local file system for JWT verification purposes Jun 8, 2023
@dadrus dadrus modified the milestones: v0.9.0-alpha, v0.10.0-alpha Jun 23, 2023
@dadrus dadrus modified the milestones: v0.11.0-alpha, Future Jul 20, 2023
@dadrus dadrus mentioned this issue Dec 19, 2023
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature Used for new features
Projects
None yet
Milestone
Future
Development

No branches or pull requests
1 participant
@dadrus