[PR #339] [MERGED] feat: store keys as JWK on disk #858

Closed
opened 2025-10-07 00:23:35 +03:00 by OVERLORD · 0 comments

📋 Pull Request Information

Original PR: https://github.com/pocket-id/pocket-id/pull/339
Author: @ItalyPaleAle
Created: 3/15/2025
Status: Merged
Merged: 3/18/2025
Merged by: @stonith404

Base: main ← Head: keys-as-jwk


📊 Changes

10 files changed (+1184 additions, -151 deletions)

📝 backend/go.mod (+14 -4)
📝 backend/go.sum (+23 -8)
📝 backend/internal/bootstrap/bootstrap.go (+2 -0)
➕ backend/internal/bootstrap/jwk_migration.go (+133 -0)
➕ backend/internal/bootstrap/jwk_migration_test.go (+190 -0)
📝 backend/internal/controller/well_known_controller.go (+2 -2)
📝 backend/internal/service/jwt_service.go (+255 -101)
➕ backend/internal/service/jwt_service_test.go (+546 -0)
📝 backend/internal/service/test_service.go (+7 -36)
📝 backend/internal/utils/file_util.go (+12 -0)

📄 Description

Part of #322

This converts the format of keys stored on disk to JWK and it allows reading keys containing RSA, ECDSA, or EdDSA keys (note: while non-RSA keys can be read, at this stage I don't believe they can be used to sign/verify JWTs... that will be a subsequent PR)

If a PEM-encoded key is found on disk, it is converted to JWK upon startup.

Lastly, completes a perf improvement started with #327: the JWKS endpoint now returns data that is always cached, making it significantly faster (and reducing the amount of heap allocations on every invocation)


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

📝 Commits (10+)

- [`493fd66`](https://github.com/pocket-id/pocket-id/commit/493fd6697df4a0ecd470dfeb527d6f85b8edab23) feat: Store keys as JWK on disk
- [`ba6eb8a`](https://github.com/pocket-id/pocket-id/commit/ba6eb8a055877e40fa78851d0f9cc41533caa91b) Merge branch 'main' of https://github.com/pocket-id/pocket-id into keys-as-jwk
- [`fbf5e00`](https://github.com/pocket-id/pocket-id/commit/fbf5e00d9f3d562278a2260dd7cd8016af2b8021) Merge branch 'main' into keys-as-jwk
- [`92f3f02`](https://github.com/pocket-id/pocket-id/commit/92f3f02750ad26945bb33a6ee5b498050801a5e1) Merge branch 'keys-as-jwk' of https://github.com/ItalyPaleAle/pocket-id into keys-as-jwk
- [`c0de960`](https://github.com/pocket-id/pocket-id/commit/c0de96060b9a6d61d04d51fb92f7bee96bd00260) Fix 1
- [`ca26af1`](https://github.com/pocket-id/pocket-id/commit/ca26af123ccb962f0c28011e9ff1dc383420f0c8) Fixed token generation/verification too
- [`3a741c4`](https://github.com/pocket-id/pocket-id/commit/3a741c40976e9df7a668c1702530ba6d85b90367) Merge branch 'main' of https://github.com/pocket-id/pocket-id into keys-as-jwk
- [`5c2aaf4`](https://github.com/pocket-id/pocket-id/commit/5c2aaf45493e199c6cd69b9f85254e0c3143d7ac) Switch to a separate file for migrations
- [`b519e3b`](https://github.com/pocket-id/pocket-id/commit/b519e3b1653a0f6d20d4f636719ab15efae1f117) Added unit tests for migrations
- [`f18d778`](https://github.com/pocket-id/pocket-id/commit/f18d7788b26a2320e3301d6e41f602c54d45c874) More unit tests

OVERLORD added the pull-request label 2025-10-07 00:23:35 +03:00