Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor challenge verification #580

Merged
merged 2 commits into from
May 17, 2022
Merged

Refactor challenge verification #580

merged 2 commits into from
May 17, 2022

Commits on May 16, 2022

  1. Break up token parsing and proof of possession verification 

    Signed-off-by: Nathan Smith <nathan@chainguard.dev>
    Nathan Smith committed May 16, 2022
    Configuration menu
    Copy the full SHA
    acadb79 View commit details
    Browse the repository at this point in the history

  2. Group proof of possession logic by challenge type 

    There are two challenges a caller can use to prove they possess their
private key:
- Submit a CSR
- Sign the subject or email from their ID token
Previously the logic to verify these two types of challenges was
interweaved. This work splits the verification into two different
branches and groups the logic of each type of verification together.

Signed-off-by: Nathan Smith <nathan@chainguard.dev>
    Nathan Smith committed May 16, 2022
    Configuration menu
    Copy the full SHA
    57dbda7 View commit details
    Browse the repository at this point in the history