b_c / jose4j / issues / #102 - Client Authentication in HttpsJwks (2 way ssl) — Bitbucket

Issue #102 on hold

Former user created an issue 2017-08-04

While configuring HttpsJwks with an https url that does client authentication also, there is no way to configure client keystore. If an api is exposed that takes client keystore, truststore and passwords as input, it'll great. Or of there is any other way to use HttpsJwks with client auth?

Comments (2)

Brian Campbell repo owner
There's no out of the box support for client authentication with HttpsJwks. However you could do an implementation of SimpleGet that does mutual TLS client auth and set that implementation on the HttpsJwks instance.

org.jose4j.http.Get (see source) is the default implementation of SimpleGet that is used by HttpsJwks. You could copy and modify that or just see it as an example. If you are already using Apache's HttpClient or something, that could back the SimpleGet implementation too.
- 2017-08-04T17:13:55+00:00
Brian Campbell repo owner
- changed status to on hold
putting this on hold for the time being
- 2018-06-05T17:21:38+00:00
Log in to comment

Assignee: Brian Campbell

Type: enhancement

Priority: major

Status: on hold

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!