commit	ced64fa75741368b18c004d415f15c119dce8efd	[log] [tgz]
author	Eric Chiang <eric.chiang.m@gmail.com>	Mon Aug 29 18:06:36 2016
committer	Eric Chiang <eric.chiang.m@gmail.com>	Mon Aug 29 18:12:03 2016
tree	92432b109ada8c9191df0a49a6dc970391d10cf6
parent	644e9d1b6d256ed68fe3ca879ef63b582db157f2 [diff]

jose: remove hmac signing and verification code

This was brought up during disucssions about #98. The HMAC logic
isn't used by this package or dex. We don't support client_secret_jwt
client authentication[0] in dex and don't provide an interface for it
in our client package.

Remove the HMAC code for now. We don't want to encourage its use and
can revert this change if ever need to support it.

This change has been tested with the dex repo and passes those unit
tests locally.

[0] https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication

jose/sig_hmac.go[Deleted - diff]
jose/sig_hmac_test.go[Deleted - diff]

2 files changed

tree: 92432b109ada8c9191df0a49a6dc970391d10cf6

README.md

go-oidc

go-oidc provides a comprehensive collection of golang libraries for other projects to implement OpenID Connect (OIDC) server and client components.

package documentation

github.com/coreos/go-oidc/oidc - OIDC client- and server-related components
github.com/coreos/go-oidc/oauth2 - OAuth2-specific code needed by the OIDC components
github.com/coreos/go-oidc/jose - Javascript Object Signing and Encryption (JOSE) object (JWS, JWK) generation, validation and serialization
github.com/coreos/go-oidc/key - RSA key management for OIDC components