From 9ae8633ba5522c9046a6042ebdf2918c2945f29b Mon Sep 17 00:00:00 2001 From: Tanner Nelson Date: Thu, 10 Aug 2017 15:01:24 -0400 Subject: [PATCH] build --- build/2.0/jwt/overview/index.html | 7 +++---- build/2.0/mkdocs/search_index.json | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/build/2.0/jwt/overview/index.html b/build/2.0/jwt/overview/index.html index 76a04f83..64976c31 100644 --- a/build/2.0/jwt/overview/index.html +++ b/build/2.0/jwt/overview/index.html @@ -1763,14 +1763,13 @@ Custom signers are not backward compatible and must specify an additional

Config/jwt.json

{
-  "signers": [
-    {
+  "signers": {
+    "1234": {
       "type": "rsa",
-      "kid": "1234",
       "algorithm": "rs256",
       "key": "yourkeyhere"
     }
-  ]
+  }
 }
diff --git a/build/2.0/mkdocs/search_index.json b/build/2.0/mkdocs/search_index.json index 5b35f3ab..f9b0ede7 100644 --- a/build/2.0/mkdocs/search_index.json +++ b/build/2.0/mkdocs/search_index.json @@ -2032,7 +2032,7 @@ }, { "location": "/jwt/overview/", - "text": "JWT Overview\n\n\nThis guide gives an overview of using the JWT provider package.\n\n\nConfiguration\n\n\nJWTProvider\n can be configured in \n3\n different ways:\n\n\n\n\nCustom signers defined in \njwt.json\n\n\nSupports (private/public): \nhmac\n, \nrsa\n, \nesdca\n.\n\n\nLegacy custom signer defined in \njwt.json\n. \n\n\nSupports (private/public): \nhmac\n, \nrsa\n, \nesdca\n.\n\n\nRemote JSON Web Key Set (\njwks.json\n) URL\n\n\nSupports (private/public): \nrsa\n.\n\n\n\n\nIf your Vapor app is acting as an Authentication Provider, you may want to use either the \nLegacy custom signer\n setup, or the \nCustom signers\n setup, which is great if you want to perform certificates rotation.\n\n\nThe only difference is that with \nCustom signers\n the \nkid\n value in the \nJWT\n header is not ignored, and it must match an associated signer in order to verify the signature.\n\n\nIf your Vapor app is a Resource Provider that delegates Authentication to a 3rd party (auth0, stormpath, etc), you may want to use the \nRemote JSON Web Key Set\n setup. In this configuration the JWT token is generated by a 3rd party that provides the public key in JSON Web Key Set format.\nThe Vapor app is only in charge to verify the \nJWT\n signature using the key set provided by the 3rd party.\n\n\nRemote JSON Web Key Set\n\n\nConfig/jwt.json\n\n\n{\n\n \njwks-url\n:\n \nhttp://my-domain.com/well-known/jwks.json\n\n\n}\n\n\n\n\n\n\nCustom Signers\n\n\nThis allows to specify an array of signers and is particularly useful for rotating certificates.\nCustom signers are not backward compatible and must specify an additional \nkid\n in the configuration.\n\n\n\n\ntype: \nunsigned\n, \nhmac\n, \nrsa\n, \nesdca\n\n\nkid: an unique identifier\n\n\nalgorithm:\n\n\ntype[\nhmac\n]: \nhs256\n, \nhs384\n, \nhs512\n\n\ntype[\nrsa\n]: \nrs256\n, \nrs384\n, \nrs512\n\n\ntype[\nesdca\n]: \nes256\n, \nes384\n, \nes512\n\n\n\n\nConfig/jwt.json\n\n\n{\n\n \nsigners\n:\n \n[\n\n \n{\n\n \ntype\n:\n \nrsa\n,\n\n \nkid\n:\n \n1234\n,\n\n \nalgorithm\n:\n \nrs256\n,\n\n \nkey\n:\n \nyourkeyhere\n\n \n}\n\n \n]\n\n\n}\n\n\n\n\n\n\nLegacy Custom Signer\n\n\nThis is backwards compatible with the previous implementation.\n\n\n\n\ntype: \nunsigned\n, \nhmac\n, \nrsa\n, \nesdca\n\n\nalgorithm:\n\n\ntype[\nhmac\n]: \nhs256\n, \nhs384\n, \nhs512\n\n\ntype[\nrsa\n]: \nrs256\n, \nrs384\n, \nrs512\n\n\ntype[\nesdca\n]: \nes256\n, \nes384\n, \nes512\n\n\n\n\nConfig/jwt.json\n\n\n{\n\n \nsigner\n:\n \n{\n\n \ntype\n:\n \nrsa\n,\n\n \nalgorithm\n:\n \nrs256\n,\n\n \nkey\n:\n \nyourkeyhere\n\n \n}\n\n\n}", + "text": "JWT Overview\n\n\nThis guide gives an overview of using the JWT provider package.\n\n\nConfiguration\n\n\nJWTProvider\n can be configured in \n3\n different ways:\n\n\n\n\nCustom signers defined in \njwt.json\n\n\nSupports (private/public): \nhmac\n, \nrsa\n, \nesdca\n.\n\n\nLegacy custom signer defined in \njwt.json\n. \n\n\nSupports (private/public): \nhmac\n, \nrsa\n, \nesdca\n.\n\n\nRemote JSON Web Key Set (\njwks.json\n) URL\n\n\nSupports (private/public): \nrsa\n.\n\n\n\n\nIf your Vapor app is acting as an Authentication Provider, you may want to use either the \nLegacy custom signer\n setup, or the \nCustom signers\n setup, which is great if you want to perform certificates rotation.\n\n\nThe only difference is that with \nCustom signers\n the \nkid\n value in the \nJWT\n header is not ignored, and it must match an associated signer in order to verify the signature.\n\n\nIf your Vapor app is a Resource Provider that delegates Authentication to a 3rd party (auth0, stormpath, etc), you may want to use the \nRemote JSON Web Key Set\n setup. In this configuration the JWT token is generated by a 3rd party that provides the public key in JSON Web Key Set format.\nThe Vapor app is only in charge to verify the \nJWT\n signature using the key set provided by the 3rd party.\n\n\nRemote JSON Web Key Set\n\n\nConfig/jwt.json\n\n\n{\n\n \njwks-url\n:\n \nhttp://my-domain.com/well-known/jwks.json\n\n\n}\n\n\n\n\n\n\nCustom Signers\n\n\nThis allows to specify an array of signers and is particularly useful for rotating certificates.\nCustom signers are not backward compatible and must specify an additional \nkid\n in the configuration.\n\n\n\n\ntype: \nunsigned\n, \nhmac\n, \nrsa\n, \nesdca\n\n\nkid: an unique identifier\n\n\nalgorithm:\n\n\ntype[\nhmac\n]: \nhs256\n, \nhs384\n, \nhs512\n\n\ntype[\nrsa\n]: \nrs256\n, \nrs384\n, \nrs512\n\n\ntype[\nesdca\n]: \nes256\n, \nes384\n, \nes512\n\n\n\n\nConfig/jwt.json\n\n\n{\n\n \nsigners\n:\n \n{\n\n \n1234\n:\n \n{\n\n \ntype\n:\n \nrsa\n,\n\n \nalgorithm\n:\n \nrs256\n,\n\n \nkey\n:\n \nyourkeyhere\n\n \n}\n\n \n}\n\n\n}\n\n\n\n\n\n\nLegacy Custom Signer\n\n\nThis is backwards compatible with the previous implementation.\n\n\n\n\ntype: \nunsigned\n, \nhmac\n, \nrsa\n, \nesdca\n\n\nalgorithm:\n\n\ntype[\nhmac\n]: \nhs256\n, \nhs384\n, \nhs512\n\n\ntype[\nrsa\n]: \nrs256\n, \nrs384\n, \nrs512\n\n\ntype[\nesdca\n]: \nes256\n, \nes384\n, \nes512\n\n\n\n\nConfig/jwt.json\n\n\n{\n\n \nsigner\n:\n \n{\n\n \ntype\n:\n \nrsa\n,\n\n \nalgorithm\n:\n \nrs256\n,\n\n \nkey\n:\n \nyourkeyhere\n\n \n}\n\n\n}", "title": "Overview" }, { @@ -2052,7 +2052,7 @@ }, { "location": "/jwt/overview/#custom-signers", - "text": "This allows to specify an array of signers and is particularly useful for rotating certificates.\nCustom signers are not backward compatible and must specify an additional kid in the configuration. type: unsigned , hmac , rsa , esdca kid: an unique identifier algorithm: type[ hmac ]: hs256 , hs384 , hs512 type[ rsa ]: rs256 , rs384 , rs512 type[ esdca ]: es256 , es384 , es512 Config/jwt.json { \n signers : [ \n { \n type : rsa , \n kid : 1234 , \n algorithm : rs256 , \n key : yourkeyhere \n } \n ] }", + "text": "This allows to specify an array of signers and is particularly useful for rotating certificates.\nCustom signers are not backward compatible and must specify an additional kid in the configuration. type: unsigned , hmac , rsa , esdca kid: an unique identifier algorithm: type[ hmac ]: hs256 , hs384 , hs512 type[ rsa ]: rs256 , rs384 , rs512 type[ esdca ]: es256 , es384 , es512 Config/jwt.json { \n signers : { \n 1234 : { \n type : rsa , \n algorithm : rs256 , \n key : yourkeyhere \n } \n } }", "title": "Custom Signers" }, {