Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(jans-auth-server): improve client assertion creation code (ClientAuthnRequest) #1182

Closed
yuriyz opened this issue Apr 7, 2022 · 1 comment
Closed

feat(jans-auth-server): improve client assertion creation code (ClientAuthnRequest) #1182

yuriyz opened this issue Apr 7, 2022 · 1 comment
Assignees
@yuriyz
Labels
comp-jans-auth-server Component affected by issue or PR kind-enhancement Issue or PR is an enhancement to an existing functionality kind-feature Issue or PR is a new feature request
Milestone
1.0.1

Comments

@yuriyz
Copy link
Contributor

yuriyz commented Apr 7, 2022

Description

HS256 is fallback algorithm which assumes that shared key is used instead of asymetric keys. Code can be better at this place and maybe we should aggresively fail:

  • if asymetric key is set with alg HS*

  • in opposite case when shared key is set with alg that is not HS* (RS*, PS* etc.)

Indeed fallback to HS with asymetric key does not make sense (which is the case currently).

Inspiration is taken from GluuFederation/oxAuth#1661
@yuriyz yuriyz self-assigned this Apr 7, 2022
@yuriyz yuriyz added kind-enhancement Issue or PR is an enhancement to an existing functionality comp-jans-auth-server Component affected by issue or PR labels Apr 7, 2022
@mo-auto mo-auto added the kind-feature Issue or PR is a new feature request label Apr 7, 2022
@moabu moabu added this to the 1.0.1 milestone Jun 15, 2022
yuriyz added a commit that referenced this issue Jul 5, 2022
@yuriyz
feat(jans-auth-server): improve client assertion creation code (Clien…
81946b2 
…tAuthnRequest) #1182
@yuriyzz yuriyzz mentioned this issue Jul 5, 2022
Merged
yuriyz added a commit that referenced this issue Jul 5, 2022
@yuriyz
Merge pull request #1685 from JanssenProject/jans-auth-server-1182
1c13ca4 
feat(jans-auth-server): improve client assertion creation code #1182
@mo-auto3 mo-auto3 mentioned this issue Jul 6, 2022
Merged
@mo-auto mo-auto mentioned this issue Jul 6, 2022
Merged
@yuriyz
Copy link
Contributor Author

yuriyz commented Jul 7, 2022

Done

@yuriyz yuriyz closed this as completed Jul 7, 2022
@mo-auto mo-auto mentioned this issue Aug 30, 2022
Merged
@mo-auto3 mo-auto3 mentioned this issue Aug 30, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yuriyz yuriyz

Labels
comp-jans-auth-server Component affected by issue or PR kind-enhancement Issue or PR is an enhancement to an existing functionality kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
1.0.1
Development

No branches or pull requests
3 participants
@yuriyz @moabu @mo-auto