GSoC 18: JWT and JOSE support
I read the idea here but still got something unclear.
The project should ship two new related but disjoint sets of APIs to libwget: one to work with JWT and another one to automatically encrypt/decrypt/sign/verify (given the proper key) JOSE tokens.
- JWT is a way for authentication. It could repalce older Cookie-Session way to identify user.(This picture helps me understanding it) As for Wget2, a file and recursive website downloader, it's mainly about something like
--load-jwt
,--save-jwt
,--keep-session-jwt
(just like thecookie
option) to help user handle JWT authentication and download things "continuously". The JWT/JOSE functions inlibwget
help finishing this job. I'm not sure if I understand it correctly.
automatically encrypt/decrypt/sign/verify (given the proper key) JOSE tokens.
Why will a downloader encrypt/decrypt/sign/verify
tokens. Aren't these the jobs for a server?
Thanks in advance for clarify it!