Token Refactor Step 2.2: introduce security context #3742

Closed
Tracked by #3743
paullatzelsperger opened this issue Dec 28, 2023 · 0 comments · Fixed by #3760
Labels: breaking-change (Will require manual intervention for version update), enhancement (New feature or request), refactoring (Cleaning up code and dependencies)

paullatzelsperger commented Dec 28, 2023

Feature Request

Step 2.2 of the token refactoring deals with the refactoring of the TokenValidationService. Different types of tokens require different verification and validation rules. Furthermore, resolving the public key with which to verify the token could depend on the calling code: some public keys are resolved from a DID, some are resolved from a PKI, others may be configured in the settings, etc.

Which Areas Would Be Affected?

jwt-spi, oauth2-core

Why Is the Feature Desired?

The same type (as in: Java type) of token may need to be validated and verified differently depending on the calling code.

Solution Proposal

public interface TokenValidationService {
    Result<ClaimToken> validate(TokenRepresentation representation, PublicKeyResolver resolver, TokenValidationRule... rules);
    Result<ClaimToken> validate(@NotNull String token, PublicKeyResolver resolver, TokenValidationRule... rules);
}
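
As an added illustration of the proposal (not code from the issue or the project): a self-contained Java sketch in which one `validate` method checks the same token under different resolvers and rules chosen by the caller. The interface shapes, the toy three-part token format, the class name and the key and audience values are assumptions made for this sketch; the project's `Result`, `ClaimToken` and `TokenRepresentation` types are not reproduced.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
public class SecurityContextSketch {
    // Simplified stand-ins for the types named in the proposal (assumptions, not the real SPI).
    interface PublicKeyResolver { Optional<PublicKey> resolve(String keyId); }
    interface TokenValidationRule { Optional<String> violation(Map<String, String> claims); }
    static String b64(byte[] b) { return Base64.getUrlEncoder().withoutPadding().encodeToString(b); }
    // Toy token (not a real JWT): b64(keyId) . b64("k=v;k=v") . b64(signature over the first two parts)
    static String issue(String keyId, String claims, PrivateKey key) throws GeneralSecurityException {
        String signed = b64(keyId.getBytes(StandardCharsets.UTF_8)) + "." + b64(claims.getBytes(StandardCharsets.UTF_8));
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(signed.getBytes(StandardCharsets.UTF_8));
        return signed + "." + b64(s.sign());
    }
    // Returns the first failure, or empty when the signature and every caller-supplied rule pass.
    static Optional<String> validate(String token, PublicKeyResolver resolver, TokenValidationRule... rules) throws GeneralSecurityException {
        String[] p = token.split("\\.");
        if (p.length != 3) return Optional.of("malformed token");
        String keyId = new String(Base64.getUrlDecoder().decode(p[0]), StandardCharsets.UTF_8);
        Optional<PublicKey> key = resolver.resolve(keyId);
        if (key.isEmpty()) return Optional.of("no trusted key for " + keyId); // fail closed
        Signature s = Signature.getInstance("SHA256withRSA"); // algorithm fixed by the verifier, not read from the token
        s.initVerify(key.get());
        s.update((p[0] + "." + p[1]).getBytes(StandardCharsets.UTF_8));
        if (!s.verify(Base64.getUrlDecoder().decode(p[2]))) return Optional.of("bad signature");
        Map<String, String> claims = new HashMap<>();
        for (String kv : new String(Base64.getUrlDecoder().decode(p[1]), StandardCharsets.UTF_8).split(";")) {
            String[] e = kv.split("=", 2);
            if (e.length == 2) claims.put(e[0], e[1]);
        }
        for (TokenValidationRule r : rules) { // claims are only trusted after the signature verified
            Optional<String> v = r.violation(claims);
            if (v.isPresent()) return v;
        }
        return Optional.empty();
    }
    public static void main(String[] args) throws Exception {
        KeyPair kp = KeyPairGenerator.getInstance("RSA").generateKeyPair(); // constructed test key
        String token = issue("key-1", "iss=alice;aud=connector-a", kp.getPrivate()); // constructed sample token
        PublicKeyResolver configured = id -> id.equals("key-1") ? Optional.of(kp.getPublic()) : Optional.empty();
        TokenValidationRule audA = c -> "connector-a".equals(c.get("aud")) ? Optional.empty() : Optional.of("wrong audience");
        TokenValidationRule audB = c -> "connector-b".equals(c.get("aud")) ? Optional.empty() : Optional.of("wrong audience");
        System.out.println(validate(token, configured, audA));             // caller that knows the key and expects this audience
        System.out.println(validate(token, configured, audB));             // same token, caller with a different audience rule
        System.out.println(validate(token, id -> Optional.empty(), audA)); // caller whose resolver has no key for this id
    }
}
```

With JDK 11 or later this runs as `java SecurityContextSketch.java`; the three calls differ only in the resolver and rule passed in, which is the per-caller variation the issue describes.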