Hi All, In JWT token generator [1] use low level JWT building and signing process which makes bit difficult to validate signature in client side. But in [2] we use nimbus [3] to generate and sign OpenID connect ID token. Shall we change JWT generator in [1] to use nimbus library ? Nimbus provides very comprehensive option to generate JWT and validate signature in client side.
[1] https://github.com/wso2-dev/carbon-identity/blob/master/components/identity/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/authcontext/JWTTokenGenerator.java [2] https://github.com/wso2-dev/carbon-identity/blob/master/components/identity/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/DefaultIDTokenBuilder.java [3]http://connect2id.com/products/nimbus-jose-jwt -- Gayan Gunawardana Software Engineer; WSO2 Inc.; http://wso2.com/ Email: [email protected] Mobile: +94 (71) 8020933
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
