Switch to EdDSA algorithm for the storage JWT authentication tokens.

The control plane currently only supports EdDSA. We need to either teach
the storage to use EdDSA, or the control plane to use RSA. EdDSA is more
modern, so let's use that.

We could support both, but it would require a little more code and tests,
and we don't really need the flexibility since we control both sides.
Heikki Linnakangas
2023-03-20 15:50:30 +02:00
committed by Heikki Linnakangas
parent 77107607f3
commit fea4b5f551
6 changed files with 49 additions and 88 deletions

@@ -431,7 +431,7 @@ class AuthKeys:
priv: str
def generate_token(self, *, scope: str, **token_data: str) -> str:
token = jwt.encode({"scope": scope, **token_data}, self.priv, algorithm="RS256")
token = jwt.encode({"scope": scope, **token_data}, self.priv, algorithm="EdDSA")
# cast(Any, self.priv)
# jwt.encode can return 'bytes' or 'str', depending on Python version or type
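Review bot: The `algorithm="EdDSA"` literal at the `jwt.encode` call in `generate_token` is only correct if `self.priv` now holds an EdDSA private key, and nothing visible in this hunk documents or checks that; a mismatch between key type and algorithm would only surface at this call rather than where the key is created. Suggest noting the expected key type on the `priv: str` field, or defining the algorithm name once next to the key-generation code so the two cannot drift apart. Since the commit message says only EdDSA is meant to be supported, a test that the storage rejects a token signed with RS256 would be worth having alongside this change. The `# cast(Any, self.priv)` comment under the call looks like a leftover and could be dropped while this line is being touched.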