[
https://issues.apache.org/jira/browse/KNOX-3040?focusedWorklogId=922350&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-922350
]
ASF GitHub Bot logged work on KNOX-3040:
----------------------------------------
Author: ASF GitHub Bot
Created on: 06/Jun/24 14:00
Start Date: 06/Jun/24 14:00
Worklog Time Spent: 10m
Work Description: moresandeep opened a new pull request, #915:
URL: https://github.com/apache/knox/pull/915
## What changes were proposed in this pull request?
This PR adds the ability to validate a JWT token using multiple ways at the
same time. Previously, we could only authenticate JWT token using **either**
1. PEM cert
2. JWKS url
3. Knox signing key
With this PR, knox will validate the incoming JWT token using all the above
mechanisms if they are configured.
## How was this patch tested?
This patch was tested locally.
Issue Time Tracking
-------------------
Worklog Id: (was: 922350)
Remaining Estimate: 0h
Time Spent: 10m
> Support multiple ways to verify JWT tokens
> ------------------------------------------
>
> Key: KNOX-3040
> URL: https://issues.apache.org/jira/browse/KNOX-3040
> Project: Apache Knox
> Issue Type: Bug
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Currently we can only have one way to validate JWT token either
> # Using JWKS endpoint
> # Using PEM
> # Using the signing-key
> We should be able to support multiple verifications together.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
