CloudNebulaProject/ips
1
0
Fork 0
mirror of https://codeberg.org/Toasterson/ips.git synced 2026-04-10 13:20:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
ips/pkg6depotd/tests/fixtures/test_jwk.json
Till Wegmueller 8f048f6b2a
Some checks are pending
Rust CI / Format (push) Waiting to run
Details
Rust CI / Clippy (push) Waiting to run
Details
Rust CI / Build (Linux) (push) Blocked by required conditions
Details
Rust CI / Build (Illumos) (push) Blocked by required conditions
Details
Rust CI / Test (push) Blocked by required conditions
Details
Rust CI / End-to-End Tests (push) Blocked by required conditions
Details
Rust CI / Documentation (push) Blocked by required conditions
Details
feat: Add OIDC JWT authentication middleware for pkg6depotd 
Implement Bearer token validation using jsonwebtoken with JWKS caching
and automatic key rotation handling. AuthState fetches keys from the
configured OIDC provider's jwks_uri at startup and refreshes on unknown
kid. Axum middleware (require_auth) protects write routes, injecting
AuthenticatedUser into request extensions. The auth_check admin endpoint
now performs real JWT validation when oauth2 is configured.

Includes architecture plan for the full publish API with RBAC at
docs/ai/plans/2026-04-09-publish-api-oidc.md.
2026-04-09 22:39:20 +02:00

8 lines
No EOL
443 B
JSON
Raw Blame History

{
"kty": "RSA",
"use": "sig",
"alg": "RS256",
"kid": "test-key-1",
"n": "whXnBPFpaBvOfnPFg3e-ffpEA9bv60nzm6--qr0sAj82ll-qbWUkimI0k8EY4p_FIbZxgLOYcSPRTJH8lM0fgINX-QgQdcQ-ekOmVxTZ6GhXwv1TAwhiCfH2y1C1Xw-KNqs1bqv_3bbRmgM4kKwIsg9v63XkXtVs77ebY2ayBYyDxWbFVHd9tfTyQtc5cqbSJVUG5rDkhfFa-IkmTVzjWhHx2aA1HS14n77TTCbHwdZvTBU-YXQtirJY-ObfIBjBMRjo_fGo_XFYF76QeZzAgZWIFpau_jVMzqmKD4DtUi1Wvn0lDpOqK65Vcftrqlq9i5AujcS5ReqRK63DIPRksQ",
"e": "AQAB"
}
Reference in a new issue View git blame Copy permalink