Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

oauth2: Adds JWT Access Token strategy #947

Merged
merged 4 commits into from
Jul 23, 2018
Merged

oauth2: Adds JWT Access Token strategy #947

merged 4 commits into from
Jul 23, 2018

Conversation

aeneasr
Copy link
Member

@aeneasr aeneasr commented Jul 22, 2018

This patch adds the (experimental) ability to issue JSON Web Tokens instead of ORY Hydra's opaque access tokens. Please be aware that this feature has had little real-world and unit testing and may not be suitable for production.

Simple integration tests using the JWT strategy have been added to ensure functionality.

To use the new JWT strategy, set environment variable OAUTH2_ACCESS_TOKEN_STRATEGY to jwt. For example: export OAUTH2_ACCESS_TOKEN_STRATEGY=jwt.

Please be aware that we (ORY) do not recommend using the JWT strategy for various reasons. If you can, use the default and recommended "opaque" strategy instead.

Closes #248

Signed-off-by: arekkas <aeneas@ory.am>
@aeneasr aeneasr added feat New feature or request. package/oauth2 labels Jul 22, 2018
@aeneasr aeneasr added this to the v1.0.0-beta.8 milestone Jul 22, 2018
@aeneasr aeneasr self-assigned this Jul 22, 2018

jwtStrategy, err := jwk.NewRS256JWTStrategy(c.Context().KeyManager, oauth2.OAuth2JWTKeyName)
if err != nil {
c.GetLogger().WithError(err).Fatalf("Unable to refresh Access Token signing keys.")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't a return or panic be here?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fatalf runs os.Exit(1)

This patch adds the (experimental) ability to issue JSON Web Tokens instead of ORY Hydra's opaque access tokens. Please be aware that this feature has had little real-world and unit testing and may not be suitable for production.

Simple integration tests using the JWT strategy have been added to ensure functionality.

To use the new JWT strategy, set environment variable `OAUTH2_ACCESS_TOKEN_STRATEGY` to `jwt`. For example: `export OAUTH2_ACCESS_TOKEN_STRATEGY=jwt`.

Please be aware that we (ORY) do not recommend using the JWT strategy for various reasons. If you can, use the default and recommended "opaque" strategy instead.

Closes #248

Signed-off-by: arekkas <aeneas@ory.am>
@aeneasr aeneasr force-pushed the fix-248 branch 2 times, most recently from 167786c to 2073298 Compare July 22, 2018 21:22
Signed-off-by: arekkas <aeneas@ory.am>
@aeneasr aeneasr force-pushed the fix-248 branch 2 times, most recently from 7855b33 to 22c278c Compare July 23, 2018 14:48
This patch introduces more tests for code and refresh flows and the JWT
strategy.

Signed-off-by: arekkas <aeneas@ory.am>
@aeneasr aeneasr merged commit e79014d into master Jul 23, 2018
@aeneasr aeneasr deleted the fix-248 branch July 23, 2018 15:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feat New feature or request. package/oauth2
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants