Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(keys): add a new field x5t to the entity keys #14154

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

feat(keys): add a new field x5t to the entity keys #14154

wants to merge 8 commits into from

Conversation

catbro666
Copy link
Contributor

@catbro666 catbro666 commented Jan 14, 2025
edited
Loading

Summary

jwe-decrypt plugin wants to support searching key by x5t, so there's this PR. This PR adds a new field x5t for the keys entity. And similar to the kid, the x5t and set_id combination should be unique.

One customer is using Azure to generate JWE token and the protected header of a JWE token generated by Azure is as below:

{
"alg": "RSA-OAEP",
"enc": "A128CBC-HS256",
"x5t": "I67Q-7SSeuHsXgrpMq_K_3idefI",
"zip": "DEF"
}

It uses x5t field instead of kid field and the enc is A128CBC-HS256. So customer is requesting jwe-decrypt plugin to support searching key by the x5t field.

Checklist

  • The Pull Request has tests
  • A changelog file has been created under changelog/unreleased/kong or skip-changelog label added on PR if changelog is unnecessary. README.md
  • There is a user-facing docs PR against https://github.com/Kong/docs.konghq.com - PUT DOCS PR HERE

Issue reference

https://konghq.atlassian.net/browse/FTI-6399

@catbro666 catbro666 marked this pull request as draft January 14, 2025 07:26
@catbro666 catbro666 force-pushed the fti-6399-keys-entity-adds-x5t branch 3 times, most recently from b27d349 to a330557 Compare January 15, 2025 09:28
@catbro666 catbro666 marked this pull request as ready for review January 15, 2025 09:52
liverpool8056
liverpool8056 requested changes Jan 23, 2025
View reviewed changes
@catbro666 catbro666 force-pushed the fti-6399-keys-entity-adds-x5t branch from 9215634 to 37aa18d Compare February 20, 2025 07:43
@TT1228 TT1228 mentioned this pull request Feb 24, 2025
Merged
@ms2008 ms2008 force-pushed the fti-6399-keys-entity-adds-x5t branch from 37aa18d to 28c03d6 Compare February 27, 2025 03:39
@catbro666 catbro666 force-pushed the fti-6399-keys-entity-adds-x5t branch from 28c03d6 to 722e766 Compare March 3, 2025 07:37
@catbro666 catbro666 force-pushed the fti-6399-keys-entity-adds-x5t branch from 722e766 to 22f6410 Compare March 3, 2025 14:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bungle bungle bungle approved these changes

@windmgc windmgc windmgc approved these changes

@ms2008 ms2008 ms2008 approved these changes

@liverpool8056 liverpool8056 liverpool8056 approved these changes

Assignees

@catbro666 catbro666

Labels
cherry-pick kong-ee schedule this PR for cherry-picking to kong/kong-ee core/clustering core/db/migrations core/db schema-change-noteworthy size/L
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@catbro666 @bungle @windmgc @ms2008 @liverpool8056