LibJWT needs a robust way to handle keys with various provider and client contexts (i.e. JWKS)

[lidaobing]

In the current design, we have the following prototypes:

typedef int (*jwt_key_p_t)(const jwt_t *, jwt_key_t *);
int jwt_decode_2(jwt_t **jwt, const char *token, jwt_key_p_t key_provider);

If the code runs in a multi-tenant mode, the jwt_key_p_t is hard to write because we always need to know which context we should get the code from. So, could we add a new decode method like the following:

typedef int (*jwt_key_p_ctx_t)(const jwt_t *, jwt_key_t *, void* ctx);
int jwt_decode_3(jwt_t **jwt, const char *token, jwt_key_p_ctx_t key_provider, void* ctx);

If you think the suggestion is valuable, I could provide a patch.

Thanks

[benmcollins]

I can certainly see the usefulness of this given the currently available functions. However, I really want to move away from this naming and calling convention.

With the new JWK and JWKS support in the master branch coming together nicely, my plan is to have a more robust way to verify and validate (and even decrypt) tokens, and not "decode", as the current function naming implies (it's very confusing to people).

So while I do not intend to to implement jwt_decode_3(), I do intend to to provide the functionality you're looking for.