oauth2: Adds JWT Access Token strategy #947
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: arekkas <aeneas@ory.am>
MOZGIII
reviewed
Jul 22, 2018
|
|
||
| jwtStrategy, err := jwk.NewRS256JWTStrategy(c.Context().KeyManager, oauth2.OAuth2JWTKeyName) | ||
| if err != nil { | ||
| c.GetLogger().WithError(err).Fatalf("Unable to refresh Access Token signing keys.") |
There was a problem hiding this comment.
Shouldn't a return or panic be here?
This patch adds the (experimental) ability to issue JSON Web Tokens instead of ORY Hydra's opaque access tokens. Please be aware that this feature has had little real-world and unit testing and may not be suitable for production. Simple integration tests using the JWT strategy have been added to ensure functionality. To use the new JWT strategy, set environment variable `OAUTH2_ACCESS_TOKEN_STRATEGY` to `jwt`. For example: `export OAUTH2_ACCESS_TOKEN_STRATEGY=jwt`. Please be aware that we (ORY) do not recommend using the JWT strategy for various reasons. If you can, use the default and recommended "opaque" strategy instead. Closes #248 Signed-off-by: arekkas <aeneas@ory.am>
aeneasr
force-pushed
the
fix-248
branch
2 times, most recently
from
167786c
to
2073298
Compare
Signed-off-by: arekkas <aeneas@ory.am>
aeneasr
force-pushed
the
fix-248
branch
2 times, most recently
from
7855b33
to
22c278c
Compare
This patch introduces more tests for code and refresh flows and the JWT strategy. Signed-off-by: arekkas <aeneas@ory.am>
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch adds the (experimental) ability to issue JSON Web Tokens instead of ORY Hydra's opaque access tokens. Please be aware that this feature has had little real-world and unit testing and may not be suitable for production.
Simple integration tests using the JWT strategy have been added to ensure functionality.
To use the new JWT strategy, set environment variable
OAUTH2_ACCESS_TOKEN_STRATEGYtojwt. For example:export OAUTH2_ACCESS_TOKEN_STRATEGY=jwt.Please be aware that we (ORY) do not recommend using the JWT strategy for various reasons. If you can, use the default and recommended "opaque" strategy instead.
Closes #248