Merged
Conversation
vietj
force-pushed
the
refactor-jwt-signing-algorithm-creation
branch
2 times, most recently
from
d6ecc1e to
8729e0b
Compare
pmlopes
requested changes
Sep 26, 2025
Contributor
pmlopes
left a comment
pmlopes
left a comment
There was a problem hiding this comment.
I added a few questions and some nitpicking :)
vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/JWK.java
Outdated
Show resolved
Hide resolved
vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/JWK.java
Outdated
Show resolved
Hide resolved
vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/JWK.java
Outdated
Show resolved
Hide resolved
vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/JWK.java
Outdated
Show resolved
Hide resolved
vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/JWK.java
Outdated
Show resolved
Hide resolved
vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/JWS.java
Outdated
Show resolved
Hide resolved
vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/algo/MacSigningAlgorithm.java
Outdated
Show resolved
Hide resolved
vietj
force-pushed
the
refactor-jwt-signing-algorithm-creation
branch
from
1cb49b1 to
01c6280
Compare
Member
Author
|
@pmlopes please take another look |
vietj
force-pushed
the
refactor-jwt-signing-algorithm-creation
branch
from
0984480 to
29dc5ea
Compare
Member
Author
|
@pmlopes I think we are done with the refactor and the code is ready to be moved to vertx-core as an internal utility |
Member
Author
|
@zyclonite I have a default thread local based version, the reason of not using Netty's fast thread local is because those consume a slot in fast thread local registry and cannot be recycled. Netty fast thread local should be static and here we can only use non static thread local due to the per JWK configuration. |
Contributor
|
sounds reasonable and will work, i think i started using the default for my initial tests as well. |
Motivation: JWT requires the creation of signing algorithm to use for the creation and validation of tokens. This could be used to implement Quic token validation process and thus we could reuse the implementation engine to implement a Quic token validator. This refactor also ease the creation usage of thread local to replace synchronised blocks around java cryptographic objet non thread safe usage. Changes: Extract the sign/verify part into a small package independent of JWT that can be reused in this module.
vietj
force-pushed
the
refactor-jwt-signing-algorithm-creation
branch
from
d2e05a6 to
6d06a89
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation:
JWT requires the creation of signing algorithm to use for the creation and validation of tokens.
This could be used to implement Quic token validation process and thus we could reuse the implementation engine to implement a Quic token validator.
This refactor also ease the creation usage of thread local to replace synchronised blocks around java cryptographic objet non thread safe usage.
Changes:
Extract the sign/verify part into a small package independent of JWT that can be reused in this module.