commit | ced64fa75741368b18c004d415f15c119dce8efd | [log] [tgz] |
---|---|---|
author | Eric Chiang <eric.chiang.m@gmail.com> | Mon Aug 29 18:06:36 2016 |
committer | Eric Chiang <eric.chiang.m@gmail.com> | Mon Aug 29 18:12:03 2016 |
tree | 92432b109ada8c9191df0a49a6dc970391d10cf6 | |
parent | 644e9d1b6d256ed68fe3ca879ef63b582db157f2 [diff] |
jose: remove hmac signing and verification code This was brought up during disucssions about #98. The HMAC logic isn't used by this package or dex. We don't support client_secret_jwt client authentication[0] in dex and don't provide an interface for it in our client package. Remove the HMAC code for now. We don't want to encourage its use and can revert this change if ever need to support it. This change has been tested with the dex repo and passes those unit tests locally. [0] https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
go-oidc provides a comprehensive collection of golang libraries for other projects to implement OpenID Connect (OIDC) server and client components.