[jira] [Commented] (KNOX-3040) Support multiple ways to verify JWT tokens

[ASF subversion and git services (Jira)]

    [ 
https://issues.apache.org/jira/browse/KNOX-3040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17891323#comment-17891323
 ] 

ASF subversion and git services commented on KNOX-3040:
-------------------------------------------------------

Commit 06f05b499d5ca71411f9dd79f1782eed58f61bd9 in knox's branch 
refs/heads/dependabot/maven/org.apache.shiro-shiro-core-1.13.0 from Sandeep Moré
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=06f05b499 ]

KNOX-3040 - Followup patch. Support for multiple JWKS endpoints + code cleanup 
(#924)

* KNOX-3040 - Followup patch. Support for multiple JWKS endpoints + code cleanup

* Review changes

* Update main.yml

Bumping github actions for checkout and setup-java to v4

* Update main.yml

added distribution and cache attributes

* Update main.yml

simplify mvn cmd

* KNOX-3053 - Fix DefaultTopologyService - Mock setup moved before method call 
(#927)

* KNOX-3040-1 - Fix unit test

---------

Co-authored-by: lmccay <lmc...@apache.org>
Co-authored-by: hanicz <han...@users.noreply.github.com>

> Support multiple ways to verify JWT tokens
> ------------------------------------------
>
>                 Key: KNOX-3040
>                 URL: https://issues.apache.org/jira/browse/KNOX-3040
>             Project: Apache Knox
>          Issue Type: Bug
>            Reporter: Sandeep More
>            Assignee: Sandeep More
>            Priority: Major
>             Fix For: 2.1.0
>
>          Time Spent: 2h
>  Remaining Estimate: 0h
>
> Currently we can only have one way to validate JWT token either 
> # Using JWKS endpoint 
> # Using PEM
> # Using the signing-key
> We should be able to support multiple verifications together. 
> This is an example configuration
> {code:java}
> <provider>
>             <role>federation</role>
>             <name>JWTProvider</name>
>             <enabled>true</enabled>
>             <param>
>                 <name>knox.token.use.cookie</name>
>                 <value>true</value>
>             </param>
>                       
>             <param>
>                 <name>knox.token.jwks.url</name>
>                 <value>https://my.idp.com/oauth/.wellknown</value>
>             </param>
>             <param>
>                 <name>knox.token.verification.pem</name>
>                 
> <value>MIIDaDCCAlCgAwIBAgIJAKFjn6W+gdAXMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNVBAYTAlVTMQ0wC...</value>
>             </param>
>             <param>
>                 <name>jwt.expected.issuer</name>
>                 <value>https://my.idp.com/</value>
>             </param>
>             <param>
>                 <name>knox.token.use.cookie</name>
>                 <value>true</value>
>             </param>
>         </provider>
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)