[
https://issues.apache.org/jira/browse/KNOX-3040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17854783#comment-17854783
]
ASF subversion and git services commented on KNOX-3040:
-------------------------------------------------------
Commit 18bf8b4fca796056eb0137d9ab26c16e44c5e255 in knox's branch
refs/heads/master from Sandeep Moré
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=18bf8b4fc ]
KNOX-3040 - Some followup minor fixes (#916)
> Support multiple ways to verify JWT tokens
> ------------------------------------------
>
> Key: KNOX-3040
> URL: https://issues.apache.org/jira/browse/KNOX-3040
> Project: Apache Knox
> Issue Type: Bug
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Fix For: 2.1.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Currently we can only have one way to validate JWT token either
> # Using JWKS endpoint
> # Using PEM
> # Using the signing-key
> We should be able to support multiple verifications together.
> This is an example configuration
> {code:java}
> <provider>
> <role>federation</role>
> <name>JWTProvider</name>
> <enabled>true</enabled>
> <param>
> <name>knox.token.use.cookie</name>
> <value>true</value>
> </param>
>
> <param>
> <name>knox.token.jwks.url</name>
> <value>https://my.idp.com/oauth/.wellknown</value>
> </param>
> <param>
> <name>knox.token.verification.pem</name>
>
> <value>MIIDaDCCAlCgAwIBAgIJAKFjn6W+gdAXMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNVBAYTAlVTMQ0wC...</value>
> </param>
> <param>
> <name>jwt.expected.issuer</name>
> <value>https://my.idp.com/</value>
> </param>
> <param>
> <name>knox.token.use.cookie</name>
> <value>true</value>
> </param>
> </provider>
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
