Skip to content

Instantly share code, notes, and snippets.

View prasanthu's full-sized avatar

Prasanth Ullattil prasanthu

7 followers · 5 following
View GitHub Profile
@prasanthu
prasanthu / auth.swift
Created May 4, 2018 08:57
let APIIdentifier = "http://google_api"
Auth0
.webAuth()
.audience(APIIdentifier)
.scope("openid profile email")
.connectionScope("email")
.start {
switch $0 {
case .failure(let error):
// Handle the error
@prasanthu
prasanthu / auth.swift
Created May 4, 2018 08:58
fileprivate func showLogin() {
guard let clientInfo = plistValues(bundle: Bundle.main) else { return }
//let APIIdentifier = "https://" + clientInfo.domain + "/userinfo" // Replace with the API Identifier value you created
let APIIdentifier = "http://google_api" // Replace with the API Identifier value you created
Auth0
.webAuth()
.audience(APIIdentifier)
.scope("openid profile email")
.connectionScope("email")
@prasanthu
prasanthu / gist:9dfaf00d857ef02400d3b340093bc67b
Created April 8, 2019 19:12
commit 5c3ca37f03db5eb842e7abfdd7c857548934caa7
Author: Prasanth Ullattil <[email protected]>
Date: Mon Apr 8 21:09:57 2019 +0200
Fix the build settings
This will make sure we use Development.xcconfig
diff --git a/Pods/Pods.xcodeproj/project.pbxproj b/Pods/Pods.xcodeproj/project.pbxproj
index 3b10e15..3749c27 100644
@prasanthu
prasanthu / kms-signing.md
Created May 3, 2023 07:11

AWS KMS support for OAuth2 Client Credentials JWT authentication

The current implementation signs the client assertions using the signing_key.private_key value specified in the configuration. AWS KMS only allows to sign data using the signing API. The keyID, algorithm and the message(or digest) are the only parameters required for this API.

Generating base64 encoded signature

When used with the ECDSA_SHA_256, ECDSA_SHA_384, or ECDSA_SHA_512 signing algorithms, the signature value is a DER-encoded object as defined by ANS X9.62–2005 and RFC 3279 Section 2.2.3. This is the most commonly used signature format and is appropriate for most uses. We need to perform the following steps to convert the DER-encoded object to a valid signature

  1. Retrieve r & s values from the encoded structure
  2. Compute signature size based on algorithm and size of r and s values
@prasanthu
prasanthu / config. yaml
Last active July 2, 2023 08:20
Sample config. yaml
services:
- name: controlplane
url: https://api.example.net/controlplane
credentials:
oauth2:
grant_type: client_credentials
token_url: https://api.example.net/as/token.oauth2
client_id: ca3a5293-588a
include_jti_claim: true
aws_kms: