Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a middleware handler to de-reference opaque access token to JWT #224

Closed
stevehu opened this issue Jun 21, 2018 · 0 comments
Closed

Add a middleware handler to de-reference opaque access token to JWT #224

stevehu opened this issue Jun 21, 2018 · 0 comments
Assignees
@stevehu

Comments

@stevehu
Copy link
Contributor

stevehu commented Jun 21, 2018

We have customers that are concerned to send JWT token to the Internet as it might reveal PII and there is no way that you can revoke a JWT token. The solution is to send a by-reference token to the outside and then de-reference it once the request enters into the DMZ on BFF. We need to build a handler to do this job before JwtVerifyHandler in the chain. Or simply replace the JwtVerifyHandler with this one on the BFF instance.
stevehu added a commit that referenced this issue Jun 21, 2018
@stevehu
fixes #224 update status description
35c9e31
@stevehu stevehu self-assigned this Jun 23, 2018
@stevehu stevehu closed this as completed in cdb0b2a Jul 5, 2018
younggwon1 pushed a commit to younggwon1/light-4j that referenced this issue Feb 10, 2024
@stevehu
fixes networknt#224 Add a middleware handler to de-reference opaque a…
11c50b2 
…ccess token to JWT
younggwon1 pushed a commit to younggwon1/light-4j that referenced this issue Feb 10, 2024
@stevehu
fixes networknt#224 update status description
457e4c8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stevehu stevehu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@stevehu