Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Derive signer of JWT-VP from the kid header, not the 'iss' field #2678

Merged
merged 2 commits into from
Dec 13, 2023
Merged

Derive signer of JWT-VP from the kid header, not the 'iss' field #2678

merged 2 commits into from
Dec 13, 2023

Conversation

gerardsn
Copy link
Member

@gerardsn gerardsn commented Dec 12, 2023
edited
Loading

closes #2679

reinkrul
reinkrul requested changes Dec 12, 2023
View reviewed changes
vcr/credential/resolver.go Outdated Show resolved Hide resolved
gerardsn
gerardsn commented Dec 13, 2023
View reviewed changes
vcr/credential/resolver.go
Comment on lines +72 to +74
if kid == "" {
return nil, errors.New("no kid header in JWT")
}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

verifier.resolveSigningKey tries to apply some magic in case the kid header is missing or only contains the fragment. Should this also be applied here?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd say not if missing, but yes if it only contains the fragment?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

deferred to #2684

@gerardsn gerardsn requested a review from reinkrul December 13, 2023 09:58
reinkrul
reinkrul approved these changes Dec 13, 2023
View reviewed changes
vcr/credential/resolver.go
Comment on lines +72 to +74
if kid == "" {
return nil, errors.New("no kid header in JWT")
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd say not if missing, but yes if it only contains the fragment?

@gerardsn gerardsn merged commit 960ebe5 into master Dec 13, 2023
6 checks passed
@gerardsn gerardsn deleted the derive-jwt-vp-signer-from-kid branch December 13, 2023 14:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reinkrul reinkrul reinkrul approved these changes

@woutslakhorst woutslakhorst Awaiting requested review from woutslakhorst woutslakhorst is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

PresentationSigner should derive JWT signer from 'kid' header
2 participants
@gerardsn @reinkrul