GSoC 18: JWT and JOSE support
I read the idea here but still got something unclear.
The project should ship two new related but disjoint sets of APIs to libwget: one to work with JWT and another one to automatically encrypt/decrypt/sign/verify (given the proper key) JOSE tokens.
- JWT is a way for authentication. It could repalce older Cookie-Session way to identify user.(This picture helps me understanding it) As for Wget2, a file and recursive website downloader, it's mainly about something like
--keep-session-jwt(just like the
cookieoption) to help user handle JWT authentication and download things "continuously". The JWT/JOSE functions in
libwgethelp finishing this job. I'm not sure if I understand it correctly.
automatically encrypt/decrypt/sign/verify (given the proper key) JOSE tokens.
Why will a downloader
encrypt/decrypt/sign/verify tokens. Aren't these the jobs for a server?
Thanks in advance for clarify it!