Initial JWE support

[lhazlewood]

Shared key ( dir ) encryption first, more complicated next.

[jaschenk]

Any timeframe for full JWE support?

Many Thanks,
Jeff

[lhazlewood]

Hi Jeff!

That work is being done in the jwe branch. Most of it has been done actually - the current delay is that many of the JWE test vectors are defined in the spec in JWK format, which means.... now we have to support JWK first ;)

So, progress has been good, but we still need to wrap up the JWK and test support to guarantee correct/exact results. If you check out the branch and try it out, feedback is welcome!

Cheers!

[lhazlewood]

Test vectors to verify the implementation are here: https://tools.ietf.org/html/rfc7520

[Bragolgirith]

The last commit in the JWE branch seems to have been about a year ago - is it still alive?

[vicente-valls]

why readme says jwk is supported if it isnt actually ?
JJWT is a Java implementation based on the JWT, JWS, JWE, JWK and JWA RFC specifications.

[lhazlewood]

@vicente-valls it says "based on" - it didn't say fully implemented. If you read the README, you'd see that we explicitly indicate that JWE is not yet fully supported:

https://github.com/jwtk/jjwt#currently-unsupported-features

That said, most of the jwe branch is finished, but we still need to fully support JWKs, and this is the only reason why JWE support isn't released. We're working on it, but because this isn't our full-time jobs, it's impossible for us to give a timeline. It'll be done when we can find time between work obligations, family obligations, illnesses, vacations, etc. But it will be completed.

[vicente-valls]

@lhazlewood tbh, I dont understand whats the meaning of based on something not implemented. Anyway, it is fine, any open source project takes time as most of times it is done on our free time. FYI I use https://github.com/auth0/jwks-rsa-java/tree/9a3edf250e982a64a6fb2f5a6c8cf35eecc1e780

[lhazlewood]

@vicente-valls "based on" means that we use those RFCs (and only those RFCs) to build JJWT - we don't use any other sources. But it does not mean that we've fully implemented the entire specification yet.

This is why we have a "currently unsupported features" section in the README to indicate that we don't yet support 100% of the features. We will eventually support them all - it just takes time.

[dbadia]

Does 90ade64 provide full JWE support, or is this still a work in progress? Any estimate for a release with JWE support?

[lhazlewood]

@dbadia it's still a work in progress - I'd say it's about 90% complete. Unfortunately we can't give time estimates since we're volunteers and work on it when our employment isn't consuming all of our time. :)

[dbadia]

@lhazlewood Understood, thanks for the quick reply

[Mithrandir21]

Amazing to see progress on this issue. ❤️
Just wanted to show appreciation for the hard work on this! 🙏

[dirkbolte]

Is there something we can support you with? Any stories/tasks/tests you can delegate?