Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add capability of specifying JWT decode algorithm #13

Merged
merged 1 commit into from
Mar 1, 2024
Merged

Add capability of specifying JWT decode algorithm #13

merged 1 commit into from
Mar 1, 2024

Conversation

santiagorodriguez96
Copy link
Contributor

Summary

This PR allow users of the gem to be able to specify the JWT decode algorithm when downloading a TOC. I let the default be RS256 which is the one that the MSD3 BLOB uses but I'm open to change it.

The reason behind this change is that users might have to download TOC from other endpoints different than the MSD3 BLOB which neeed to be decoded with a different algorithm:

~/.gem/ruby/3.2.2/gems/jwt-2.2.1/lib/jwt/decode.rb:40:in `verify_signature': Expected a different algorithm (JWT::IncorrectAlgorithm)
	from ~/.gem/ruby/3.2.2/gems/jwt-2.2.1/lib/jwt/decode.rb:26:in `decode_segments'
	from ~/.gem/ruby/3.2.2/gems/jwt-2.2.1/lib/jwt.rb:28:in `decode'
	from ~/.gem/ruby/3.2.2/fido_metadata/lib/fido_metadata/client.rb:28:in `download_toc'

@bdewater bdewater merged commit 9c0da5b into bdewater:main Mar 1, 2024
8 checks passed
@santiagorodriguez96 santiagorodriguez96 deleted the sr--specify-jwt-decode-algorithm branch March 1, 2024 18:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@santiagorodriguez96 @bdewater