Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v3] Change KeyUsageType's Accept behavior to be by default strict, and allow toggling the feature #1119

Open
lestrrat opened this issue Apr 22, 2024 · 0 comments
Open

[v3] Change KeyUsageType's Accept behavior to be by default strict, and allow toggling the feature #1119

lestrrat opened this issue Apr 22, 2024 · 0 comments
Assignees
@lestrrat
Labels
long-term

Comments

@lestrrat
Copy link
Collaborator

lestrrat commented Apr 22, 2024
edited

JWK's KeyUsageType (aka "use" field) may contain arbitrary values. Currently the behavior is not well implemented.

First, some code such as jwk.KeyUsageType.Accept reject unknown types. But key.Set() and key.UnmarshalJSON() both accept any value. This behavior should be standardized.

We should make the following changes:

  • Add a global option WithStrictUsageType(bool) to enable/disable strict usage type checking. Default should be true.
  • Create jwk.Settings for controlling global behavior for JWK related global options
  • Create RegisterUsageType and UnregisterUsageType, which registers known usage types for strict usage type checking
  • Change Accept() to change behaviors depending on the value of the above option.
  • Change generated code in setNoLock() to use Accept()

Loosely/probably related to #1115
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lestrrat lestrrat

Labels
long-term
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lestrrat