chore: add firebase/php-jwt and gapple/structured-field as dependencies#2413
Open
mickenordin wants to merge 2 commits into
Open
chore: add firebase/php-jwt and gapple/structured-field as dependencies#2413mickenordin wants to merge 2 commits into
mickenordin wants to merge 2 commits into
Conversation
mickenordin
force-pushed
the
add-firebase-php-jwt
branch
from
6fd261d to
015e995
Compare
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 5, 2026
Companion to nextcloud/3rdparty#2413, which adds firebase/php-jwt v7. Required for the RFC 9421 verifier and signer. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 5, 2026
Companion to nextcloud/3rdparty#2413, which adds firebase/php-jwt v7. Required for the RFC 9421 verifier and signer. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
changed the title
mickenordin
force-pushed
the
add-firebase-php-jwt
branch
from
4225696 to
e73f85f
Compare
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 5, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 5, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
changed the title
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 6, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
7 tasks
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 6, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Co-authored-by: Mahdi Baghbani <mahdi-baghbani@azadehafzar.io> Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 7, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 7, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 7, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 8, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 8, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 8, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 8, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 12, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 12, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 12, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 12, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 12, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 13, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 13, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 13, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 13, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 13, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
enriquepablo
pushed a commit
to enriquepablo/server
that referenced
this pull request
May 13, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se> Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 14, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se> Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 14, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 14, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 15, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se> Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 15, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 15, 2026
apps/dav/lib/Controller/TokenController.php uses Firebase\JWT\JWT but the submodule pin doesn't include it. Move to the firebase/php-jwt commit of nextcloud/3rdparty#2413. Submodule: 5d09a7f56e2 -> 015e995e59e9. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 15, 2026
Companion to nextcloud/3rdparty#2413. firebase/php-jwt handles JWK parsing and JWS algorithm dispatch; gapple/structured-fields handles RFC 8941 Structured Field parsing for Signature-Input / Signature. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 15, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se> Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
The nextcloud/server PR nextcloud/server#60136 implements RFC9421 http-signatures. Rather than implementing some of the JWK primitives our selfs, we can lean on firebase/php-jwt and that is this commit adds that dependency here. Signed-off-by: Micke Nordin <kano@sunet.se>
The gapple/structured-fields package implements RFC 8941 (HTTP Structured Field Values) and RFC 9651. nextcloud/server's RFC 9421 HTTP Message Signatures verifier and signer use it to drop the hand-rolled Signature-Input / Signature dictionary parser, per review feedback on nextcloud/server#60136. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
force-pushed
the
add-firebase-php-jwt
branch
from
e73f85f to
3de76a3
Compare
mickenordin
added a commit
to enriquepablo/server
that referenced
this pull request
May 17, 2026
By using a JWT that the receiver can verify against a public key, we make it easy for third party services to validate the token independently. This is relevant for example in the context of webapp shares that may defer to a separate service to deliver the actual webapp. NOTE: This requires nextcloud/3rdparty#2413 to be merged before this. Signed-off-by: Micke Nordin <kano@sunet.se> Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 17, 2026
…-fields Submodule pointer moves to 3de76a3, the rebased head of nextcloud/3rdparty#2413 atop current 3rdparty master, resolving the submodule-pointer conflict against nextcloud/server master. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 17, 2026
…-fields Submodule pointer moves to 3de76a3, the rebased head of nextcloud/3rdparty#2413 atop current 3rdparty master, resolving the submodule-pointer conflict against nextcloud/server master. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 17, 2026
…-fields Submodule pointer moves to 3de76a3, the rebased head of nextcloud/3rdparty#2413 atop current 3rdparty master, resolving the submodule-pointer conflict against nextcloud/server master. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 17, 2026
…-fields Submodule pointer moves to 3de76a3, the rebased head of nextcloud/3rdparty#2413 atop current 3rdparty master, resolving the submodule-pointer conflict against nextcloud/server master. Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 17, 2026
…t + gapple/structured-fields)
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 17, 2026
…t + gapple/structured-fields) Signed-off-by: Micke Nordin <kano@sunet.se>
mickenordin
added a commit
to nextcloud/server
that referenced
this pull request
May 17, 2026
…t + gapple/structured-fields) Signed-off-by: Micke Nordin <kano@sunet.se>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The nextcloud/server PR nextcloud/server#60136 implements RFC9421 http-signatures. Rather than implementing some of the JWK primitives ourselves, we can lean on firebase/php-jwt. Also the parsing of structured fields can largely be done with gapple/structured-field and this PR adds those dependencies here.