Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JOSE support #16

Open
whyoleg opened this issue Feb 21, 2024 · 4 comments
Open

JOSE support #16

whyoleg opened this issue Feb 21, 2024 · 4 comments
Milestone
0.5.0

Comments

@whyoleg
Copy link
Owner

whyoleg commented Feb 21, 2024

Introduce standalone JOSE support module with JWT/JWK/etc.
Support for JWK encoding/decoding can also be used afterwards in providers other than WebCrypto.

Full list of RFCs:
@whyoleg whyoleg modified the milestones: 0.4.0, 0.5.0 Mar 28, 2024
@malhobayyeb
Copy link

Up

@waltkb
Copy link

waltkb commented Jun 27, 2024

Hi, is there anything we (walt.id) could maybe help implement here?

@whyoleg
Copy link
Owner Author

whyoleg commented Jun 28, 2024

Hey, @waltkb, thank you for the interest! That would be really nice!
I've created a branch jose (from main), and we could start creating PR's there as a start.
What I wanted from the initial version is to implement JWT and JWK support. I have no time to investigate the API which would fit Kotlin, so overall, it is up to you to start, and I will review PRs as we go.
To begin, let us add jose module under cryptography-serialization folder. You can also take a look on setup of asn1 module as a base for it — all targets + kotlinx-serialization-json. No other dependencies, at least for now.
The main idea would be to be simple enough and use kotlinx-serialization-json to handle serialisation (obviously).
Also, we will need Base64 - I would propose to just use the one which is already available in kotlin-stdlib. It is experimental, but I believe it should be fine.
If you have any other questions, feel free to ask here or anywhere else linked on GitHub!

When we have all the base blocks from the serialisation part, then we can start thinking about how to integrate it with signing part of core module to have the best experience.

Thank you once more, I'm looking forward to it!

@aschulz90
Copy link

I am currently in the progress of implementing a JWT library for Kotlin Multiplatform supporting all platforms this library also supports and have signing and verification done very easily so far.
Next step is JWKS support, but is is currently blocked by missing support for decoding public keys using JWK format.

The current progress is avaiable here: https://github.com/Appstractive/jwt-kt
The JWK handling is implemented here.

Maybe the repository will be useful to you by using it as a playground to test the JWK implementation.
There is a test in the jwt-jwks module, that should pass, once JWK decoding works for all platforms (pending interface changes).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.5.0
Development

No branches or pull requests
4 participants
@malhobayyeb @aschulz90 @whyoleg @waltkb