NetDevPack / Security.Jwt

Jwt Manager. Set of components to deal with Jwt Stuff. Automate your key rotating, add support for jwks_uri. Store your cryptography keys in a secure place.


If the .key file has ExpiredAt and is expired, it will always generate a new .key file

liugt34 opened this issue · comments

In FileSystemStore.cs, this code always returns the first file, so it will generate a new file repeatedly.

private string GetCurrentFile()
{
    var files = Directory.GetFiles(KeysPath.FullName, $"*current*.key");
    if (files.Any())
        return Path.Combine(KeysPath.FullName, files.First());

    return Path.Combine(KeysPath.FullName, $"{_options.Value.KeyPrefix}current.key");
}

Thank you for your highlight at FileSystemStore.cs.

The JwtService class is designed with a mechanism to check if the current security key is expired or needs to be updated for any reason (e.g., revocation). During the process of generating a new key, it gets the *current* key and copies it to an old-yyyy-MM-dd file. After that, a new key takes its place in the *current* key.
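
The archive-then-replace flow described in this thread, as an added sketch that is not the project's code: the expired file is moved out of the `*current*.key` glob before a new key is written, and more than one match is reported instead of resolved with `First()`. `StoredKey`, `KeyFileRotator`, the 90-day lifetime and the GUID suffix on the archive name are assumptions made for the illustration.

```csharp
using System;
using System.IO;
using System.Text.Json;

// Hypothetical stand-in for a stored key record; it carries no real key material.
public record StoredKey(string KeyId, DateTime ExpiredAt);

public class KeyFileRotator
{
    private readonly DirectoryInfo _keysPath;
    private readonly string _prefix;

    public KeyFileRotator(string keysPath, string prefix = "")
    {
        _keysPath = Directory.CreateDirectory(keysPath);
        _prefix = prefix;
    }

    private string CurrentFile => Path.Combine(_keysPath.FullName, $"{_prefix}current.key");

    // Returns the usable current key, rotating first when it is missing or expired.
    public StoredKey GetCurrent(DateTime utcNow)
    {
        // Directory.GetFiles does not guarantee ordering, so more than one
        // "*current*.key" match makes First() ambiguous. Surface it instead.
        var matches = Directory.GetFiles(_keysPath.FullName, "*current*.key");
        if (matches.Length > 1)
            throw new InvalidOperationException($"{matches.Length} files match *current*.key");

        if (matches.Length == 1)
        {
            var key = JsonSerializer.Deserialize<StoredKey>(File.ReadAllText(matches[0]));
            if (key is not null && key.ExpiredAt > utcNow)
                return key;
            // Expired: move it out of the *current* glob before writing a new one.
            // The GUID suffix (an assumption) avoids same-day name collisions.
            var archived = Path.Combine(_keysPath.FullName,
                $"{_prefix}old-{utcNow:yyyy-MM-dd}-{Guid.NewGuid():N}.key");
            File.Move(matches[0], archived);
        }

        // Assumed 90-day lifetime for the replacement key.
        var fresh = new StoredKey(Guid.NewGuid().ToString("N"), utcNow.AddDays(90));
        var tmp = CurrentFile + ".tmp";   // name does not match *.key
        File.WriteAllText(tmp, JsonSerializer.Serialize(fresh));
        File.Move(tmp, CurrentFile);      // publish only after the write completes
        return fresh;
    }
}
```

Calling `GetCurrent` twice with the same clock value returns the same `KeyId` the second time, which is the property the issue reports as missing when an expired file keeps being selected.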