Hi All,
Following tasks are identified for the implementation for the $subject.
1. Move the logic of validating the token API invocation request to
validate required parameters for JWT client authentication to
PrivatekeyJWTClientAuthHandler
2. Introduce a new interface to read the public certific
Hi Hasanthi,
On Thu, Jan 4, 2018 at 4:32 PM, Hasanthi Purnima Dissanayake <
hasan...@wso2.com> wrote:
> Hi All,
>
> Following tasks are identified for the implementation for the $subject.
>
> 1. Move the logic of validating the token API invocation request to
> validate required parameters for JW
On Fri, Jan 5, 2018 at 7:49 AM, Isura Karunaratne wrote:
> Hi Hasanthi,
>
> On Thu, Jan 4, 2018 at 4:32 PM, Hasanthi Purnima Dissanayake <
> hasan...@wso2.com> wrote:
>
>> Hi All,
>>
>> Following tasks are identified for the implementation for the $subject.
>>
>> 1. Move the logic of validating t
Hi Isura/Omindu,
Which data are supposed to store in IDN_JWT_PRIVATE_KEY table? What is the
> reason to store those data?
>
In the patch that we have provided for 5.3.0 , this table contains
following fields.
JWT_ID (primary key)
EXP_TIME
TIME_CREATED
JWT_ID is an unique identifier for the toke
+Hasintha
On Fri, Jan 5, 2018 at 9:47 AM, Hasanthi Purnima Dissanayake <
hasan...@wso2.com> wrote:
> Hi Isura/Omindu,
>
> Which data are supposed to store in IDN_JWT_PRIVATE_KEY table? What is
>> the reason to store those data?
>>
>
> In the patch that we have provided for 5.3.0 , this table con
On Thu, Jan 4, 2018 at 4:32 PM, Hasanthi Purnima Dissanayake <
hasan...@wso2.com> wrote:
> Hi All,
>
> Following tasks are identified for the implementation for the $subject.
>
> 1. Move the logic of validating the token API invocation request to
> validate required parameters for JWT client authe
On Fri, Jan 5, 2018 at 10:08 AM, Hasintha Indrajee
wrote:
>
>
> On Thu, Jan 4, 2018 at 4:32 PM, Hasanthi Purnima Dissanayake <
> hasan...@wso2.com> wrote:
>
>> Hi All,
>>
>> Following tasks are identified for the implementation for the $subject.
>>
>> 1. Move the logic of validating the token API
On Fri, Jan 5, 2018 at 9:47 AM, Hasanthi Purnima Dissanayake <
hasan...@wso2.com> wrote:
> Hi Isura/Omindu,
>
> Which data are supposed to store in IDN_JWT_PRIVATE_KEY table? What is
>> the reason to store those data?
>>
>
> In the patch that we have provided for 5.3.0 , this table contains
> fol
Please see [1] to read more about storing the application certificate in
the database.
[1] - Mail Thread: '[Feature] Storing the application certificate in the
database.'
On Fri, Jan 5, 2018 at 11:08 AM, Prakhash Sivakumar
wrote:
>
>
> On Fri, Jan 5, 2018 at 9:47 AM, Hasanthi Purnima Dissanayak
On Friday, January 5, 2018, Hasanthi Purnima Dissanayake
wrote:
> Hi Isura/Omindu,
>
> Which data are supposed to store in IDN_JWT_PRIVATE_KEY table? What is
>> the reason to store those data?
>>
>
> In the patch that we have provided for 5.3.0 , this table contains
> following fields.
> JWT_ID
Hi Farasath,
Shouldn't this restriction per SP(client)?
> Since jti is an identifier string, what happens if two different SPs send
> two different JWTs with the same jti?
>
As it is the same token end point which will issue the JWT, we did not
think to restrict this for per SP. So we have preven
11 matches
Mail list logo