Comments (4)
lestrrat
commented on June 1, 2024
1
It would be very helpful if you could provide a minimal reproduction code and/or failing test code, thanks :)
from jwx.
lestrrat
commented on June 1, 2024
1
Sorry for the wait, and thank you for your help. I incorporated your fix and tests
from jwx.
reinkrul
commented on June 1, 2024
This is the test case I wrote: x5c_test.go.txt
I'd fix it as follows (jwk/headers_gen.go:274):
if v, ok := h.Get(X509CertChainKey); ok {
var chain []*x509.Certificate
if chain, ok = v.([]*x509.Certificate); !ok {
return fmt.Errorf("%s is of invalid type %T", X509CertChainKey, v)
}
encodedChain, err := marshalX509CertChain(chain)
if err != nil {
return err
}
m[X509CertChainKey] = encodedChain
}
func marshalX509CertChain(chain []*x509.Certificate) ([]string, error) {
encodedCerts := make([]string, len(chain))
for idx, cert := range chain {
encodedCerts[idx] = base64.StdEncoding.EncodeToString(cert.Raw)
}
return encodedCerts, nil
}
This worked, but then I realized the file is generated and thus would be overwritten. I have no problem creating a pull request, but I don't see where to inject custom marshalling logic for the x5c field.
from jwx.
reinkrul
commented on June 1, 2024
Awesome, thanks!
from jwx.
Related Issues (20)
- Example of decrypting a JWT? HOT 1
- jwt.ParseInsecure return verification error HOT 4
- jws.UnregisterSigner does not remove the underlying signer from the global signers map HOT 4
- `WithInferAlgorithmFromKey` should cache inferences alas HOT 3
- Simple custom field on a JWT token HOT 5
- Update go version within go.mod
- `jwk.SetGlobalFetcher` requires object implementing interface with unexported methods HOT 19
- Expose function to check if `jws.Verify` failed with `verifyError` or not HOT 6
- [v3] Deprecate jwk's global fetcher
- [doc] CVE-2024-21664 - Missing v1 fix version HOT 9
- [v1][v2] Add option to disallow JSON format for JWTs HOT 2
- Disabling kid check with jws.Verify on a JWKSet HOT 2
- jwt.ParseRequest should also look for the token in cookies HOT 3
- How to Sign a jwt token with just a string and not publicKey and privateKey HOT 2
- [v2] Accessing registered claims during verification (keyprovider) HOT 6
- Support the new fully-specified JOSE algorithms HOT 2
- Support for custom key usage types in JWKs HOT 3
- Ability to work with PEM/DER for secp256k1 HOT 14
- jwx command-line tool does not support PEM output for secp256k1 HOT 2
- [v3] Change KeyUsageType's Accept behavior to be by default strict, and allow toggling the feature
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwx.