Skip to content

feat: implement OAuth 2.0 private_key_jwt client authentication #43

Merged
ngerakines merged 2 commits into
graze-social:mainfrom
bigmoves:feature/private-key-jwt
Aug 17, 2025
Merged

feat: implement OAuth 2.0 private_key_jwt client authentication #43
ngerakines merged 2 commits into
graze-social:mainfrom
bigmoves:feature/private-key-jwt

Conversation

@bigmoves

Copy link
Copy Markdown
Contributor

Adds support for private_key_jwt client authentication method as specified in RFC 7523.

Changes include:

  • Add JWKS storage to OAuth clients with database migrations
  • Implement JWT client assertion validation with ES256 signature verification
  • Update PAR endpoint to support private_key_jwt authentication
  • Fix client type classification for private_key_jwt clients as confidential
  • Add test coverage and example scripts
  • Update well-known metadata to advertise private_key_jwt support
  • Fix SQLite session storage upsert behavior and database constraints

…7523)

This comprehensive implementation adds support for private_key_jwt client
authentication method as specified in RFC 7523. Key changes include:

- Add JWKS storage to OAuth clients with database migrations
- Implement JWT client assertion validation with ES256 signature verification
- Update PAR endpoint to support private_key_jwt authentication
- Fix client type classification for private_key_jwt clients as confidential
- Add comprehensive test coverage and example scripts
- Update well-known metadata to advertise private_key_jwt support
- Fix SQLite session storage upsert behavior and database constraints
@ngerakines ngerakines merged commit 5586667 into graze-social:main Aug 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants