Allow custom claims - made addClaim public#232
Conversation
|
@lbalmaceda will a push with the following content have more success? Background: I want to access a docker registry with an auth token Like this implementation in go: |
|
Changing the name of the claim won't change it's type. It's just the same as your first comment. I guess your idea is to send the requirements that the docker token must have inside the JWT payload, and then request that docker token from the client. The requirements I see in the go implementation link you shared are strings //..
String token = JWT.create()
.withClaim("dkr.typ", "token type")
.withClaim("dkr.nam", "token name")
.withArrayClaim("dkr.act", ["write", "read", "etc"])
.sign(algorithm); |
|
A valid communication is possible with the following. So the only missing method was String token = JWT.create()
.addClaim("access", ImmutableList.of("..."))
.withIssuer("Some Issuer")
.withAudience(service)
.withKeyId("...")
...
.sign(algorithm); |
|
@lbalmaceda Do you think this has a chance? |
|
No. We don't support that kind of structure. You need to convert the "access" claim value to some structure we can support. I've already proposed you a workaround in my previous comment.
|
|
It seems very odd to me to disallow setting claims of custom data types when creating a JWT, when you can deserialize custom types when parsing/verifying. Why does |

No description provided.