TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-22 18:31:57 +03:00
Code Issues Projects Releases Wiki Activity
31,587 Commits 250 Branches 1,686 Tags 392 MiB
a650ae2138
Commit Graph

3 Commits

Author SHA1 Message Date
Naz
9756094ae2 🐛 Fixed signing key mismatching in JWT/JWKS 
refs https://github.com/TryGhost/Team/issues/1640
closes https://github.com/TryGhost/Members/pull/401/
refs https://forum.ghost.org/t/ghost-jwt-question-possible-bug/30210

- Without `keyid` parameter some of the clien libraries were not able to match the signin key to verify JWT
- Missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client.
- The `kid` parameter was left in claims to avoid accidental breaking changes.
 2022-05-23 18:45:08 +08:00
Fabien 'egg' O'Carroll
528fd23874 Added ability to fetch member by identity token (#329) 
refs https://github.com/TryGhost/Team/issues/1057

This method will validate a token, and then return the member associated
with it. Rather than exposing token validation and coupling consumers to
the structure of the token response data.
 2021-09-17 11:25:57 +02:00
Fabien O'Carroll
d51fdc3f4a Moved code out of index.js in directories 
refs https://github.com/TryGhost/Team/issues/879
 2021-07-14 14:17:38 +01:00