Hi Hasanthi, On Thu, Jan 4, 2018 at 4:32 PM, Hasanthi Purnima Dissanayake < hasan...@wso2.com> wrote:
> Hi All, > > Following tasks are identified for the implementation for the $subject. > > 1. Move the logic of validating the token API invocation request to > validate required parameters for JWT client authentication to > PrivatekeyJWTClientAuthHandler > 2. Introduce a new interface to read the public certificate. > - Certificate can be read from keystore > - Certificate can be read from db > - Certificate can be read from any other means > 3. Data which will be persisted in IDN_JWT_PRIVATE_KEY can be grown > rapidly which may cause to some performance issues. So need to implement a > cleanup script based on the expiration time of the JWT. > Which data are supposed to store in IDN_JWT_PRIVATE_KEY table? What is the reason to store those data? Thanks Isura. > 4. Honour the UI configuration for confidential applications which is > discussed in mail [1] > > Apart from above need to consider on following tasks: > 1. Improving the unit tests of the repository > 2. Improve the documentations for the $subject. > > > [1] Confidential Aplications in OAuth2 Flow > > Thanks, > -- > > Hasanthi Dissanayake > > Senior Software Engineer | WSO2 > > E: hasan...@wso2.com > M :0718407133| http://wso2.com <http://wso2.com/> > -- *Isura Dilhara Karunaratne* Associate Technical Lead | WSO2 Email: is...@wso2.com Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture