Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWT Authentication #6

Open
iamlouk opened this issue Sep 7, 2021 · 1 comment
Open

JWT Authentication #6

iamlouk opened this issue Sep 7, 2021 · 1 comment
Labels
enhancement New feature or request

Comments

@iamlouk
Copy link
Contributor

iamlouk commented Sep 7, 2021

This application acts both as a server (via its HTTP API for the ClusterCockpit MetricDataRepositories) and as a client (to the NATS.io server). Both of these communication channels can be secured via JWTs.

NATS restricts JWTs (See here) to the Ed25519 algorithm.

The cc-metric-store will need to know the public key so that it can verify incoming requests via the HTTP API. Knowing the private key is not needed if the cc-metric-store is provided with a valid JWT signed by someone else (e.g. ClusterCockpit, if it can provide JWTs that conform to the restrictions NATS puts on JWTs).
iamlouk added a commit that referenced this issue Sep 20, 2021
@iamlouk
Use JWT authentication for the API
27a5c0b 
This commit takes care of the API part of issue #6.
@moebiusband73
Copy link
Member

JWT currently has optional authentication via user password.
This should be uniformly JWT tokens

@moebiusband73 moebiusband73 added the enhancement New feature or request label Jun 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@moebiusband73 @iamlouk