Skip to content

Add JwtEncoder to support JWT/JWS #81

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jgrandja opened this issue May 27, 2020 · 2 comments
Closed

Add JwtEncoder to support JWT/JWS #81

jgrandja opened this issue May 27, 2020 · 2 comments
Assignees
@jgrandja
Labels
type: enhancement A general enhancement
Milestone
0.0.1

Comments

@jgrandja
Copy link
Collaborator

jgrandja commented May 27, 2020
edited
Loading

The authorization server should support JSON Web Token (JWT) as an access token format, as well, it MUST be signed - JSON Web Signature (JWS).

JwtEncoder is the counterpart to JwtDecoder in the spring-security-oauth2-jose module.

Implementation Requirements

  • define interface JwtEncoder
  • provide an implementation of JwtEncoder - NimbusJwtEncoder NOTE: The implementation should use the Nimbus JOSE + JWT library
  • the NimbusJwtEncoder should have a Builder
  • the NimbusJwtEncoder should support HS256 (HMAC using SHA-256)
  • the NimbusJwtEncoder should support RS256 (RSASSA-PKCS1-v1_5 using SHA-256)
  • the NimbusJwtEncoder should have a "KeyManager" that provides the public/private/symmetric keys (also required by Implement JWK Set Endpoint #82 )
  • the NimbusJwtEncoder should be used by OAuth2AuthorizationCodeAuthenticationProvider Implement authorization_code AuthenticationProvider #68 to produce a JWS
  • javadoc class and public methods
  • Unit tests

Specification References

JSON Web Token (JWT)
JSON Web Signature (JWS)
Cryptographic Algorithms for Digital Signatures and MACs
@jgrandja jgrandja added type: enhancement A general enhancement status: on-hold We can't start working on this issue yet labels May 27, 2020
@jgrandja jgrandja added this to the 0.0.1 milestone May 27, 2020
@idosal
Copy link
Contributor

idosal commented May 27, 2020

I'd love to be considered to take this when it's up for development.

This was referenced May 27, 2020
Closed
Closed
@jgrandja
Copy link
Collaborator Author

Thank you for your interest @idosal. It looks like I have a team (internal to VMware) that will work on delivering the JOSE stack. If anything changes, I'll be sure to let you know.

@jgrandja jgrandja removed the status: on-hold We can't start working on this issue yet label May 28, 2020
@jgrandja jgrandja mentioned this issue Jun 2, 2020
Closed
anoopgarlapati added a commit to anoopgarlapati/spring-authorization-server that referenced this issue Jun 11, 2020
@anoopgarlapati
Introduce JwtEncoder
01af1dd 
Issue spring-projectsgh-81
@anoopgarlapati anoopgarlapati mentioned this issue Jun 11, 2020
Closed
9 tasks
@jgrandja jgrandja mentioned this issue Jun 22, 2020
Closed
jgrandja added a commit to jgrandja/spring-authorization-server that referenced this issue Jul 22, 2020
@jgrandja
Introduce JwtEncoder with JWS implementation
4589e51 
Closes spring-projectsgh-81
@jgrandja jgrandja mentioned this issue Jul 22, 2020
Merged
jgrandja added a commit to jgrandja/spring-authorization-server that referenced this issue Jul 24, 2020
@jgrandja
Introduce JwtEncoder with JWS implementation
98aaf6b 
Closes spring-projectsgh-81
@jgrandja jgrandja mentioned this issue Nov 3, 2020
Closed
jgrandja added a commit that referenced this issue Nov 17, 2020
@jgrandja
Change JwtClaimsSet.Builder.issuer() to String
c1e9c1d 
Issue gh-81
jgrandja added a commit that referenced this issue Nov 30, 2020
@jgrandja
Apply consistent naming to builder() methods
f97b8b2 
Issue gh-143 gh-81
doba16 pushed a commit to doba16/spring-authorization-server that referenced this issue Apr 21, 2023
@jgrandja
Introduce JwtEncoder with JWS implementation
8025514 
Closes spring-projectsgh-81
doba16 pushed a commit to doba16/spring-authorization-server that referenced this issue Apr 21, 2023
@jgrandja
Change JwtClaimsSet.Builder.issuer() to String
db14b70 
Issue spring-projectsgh-81
doba16 pushed a commit to doba16/spring-authorization-server that referenced this issue Apr 21, 2023
@jgrandja
Apply consistent naming to builder() methods
fbc55da 
Issue spring-projectsgh-143 spring-projectsgh-81
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jgrandja jgrandja

Labels
type: enhancement A general enhancement
Projects
None yet
Milestone
0.0.1
Development

No branches or pull requests
3 participants
@jgrandja @idosal @spring-contributor