Comments (2)
I'm not saying that it isn't, but at the same time I'm not convinced that what you suggest is an optimization, because I haven't been presented with evidence that most of times the kid
will be present. I'm willing to be convinced otherwise. For the time being though, by reading the RFC and seeing the examples that are around in my view I determined that I could not optimize for the presence of kid
, and that's why it's the way it is.
For your case, you are free to write your own optimized version of a KeyProvider that is optimized to your needs. I think this would solve your problems?
from jwx.
Thanks for a quick response @lestrrat.
I think that the performance penalty coming from iterating over all the keys and finding the matching kid
is minimal compared to actual verification, but this is only my feeling :)
KeyProvider
looks fine, it's good to know that there's a workaround available. Thanks!
from jwx.
Related Issues (20)
- Example of decrypting a JWT? HOT 1
- jwt.ParseInsecure return verification error HOT 4
- jws.UnregisterSigner does not remove the underlying signer from the global signers map HOT 4
- `WithInferAlgorithmFromKey` should cache inferences alas HOT 3
- Simple custom field on a JWT token HOT 5
- Update go version within go.mod
- `jwk.SetGlobalFetcher` requires object implementing interface with unexported methods HOT 19
- Expose function to check if `jws.Verify` failed with `verifyError` or not HOT 6
- [v3] Deprecate jwk's global fetcher
- [doc] CVE-2024-21664 - Missing v1 fix version HOT 9
- [v1][v2] Add option to disallow JSON format for JWTs HOT 2
- When generating encrypted JWTs using jwt.Serializer, most `jwe.EncryptOption` are ineffective HOT 1
- Decoding a Microsoft OAuth token: use of "jku" field specified, but the field is empty HOT 8
- PR for JAdES Signatures HOT 2
- jwt.Parse silently fails if alg isn't included in JWK HOT 7
- x509 can't support secp256k1 when calling jwk.Pem HOT 4
- Outdated example for iterating through keyset in `v2/jwk` readme HOT 2
- Allow `jwk.Cache` to use a custom `HTTPClient` object. HOT 3
- Add support for ShangMi SM2 Public Key HOT 5
- jws.Sign() allows jwa.RS256 alg when using ECDSA key HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwx.