v0.3.1

Features

• return DER encoded certificates instead of PEM
• zeroize private key material

v0.3.0

Features

• end-to-end test are now made against the real OIDC provider: Dex.
• The API is a bit more pragmatic, requiring a single ClientId as String when it needs to instead of parts of it
• Many other miscellaneous changes, too many to remember all of them

This project is still under heavy development and not suitable yet for production use

v0.2.0

Initial release ! 🥳

You mostly want to use wire-e2e-identity crate which contains all the client methods for requesting a x509 certificate from an ACME server. This certificate proves the identity of the user/client through its clientId, userId, displayName and domain.

Features

• JWT utils to create a Dpop client token, an access token and validate the latter
• Generic utilities to create and validitate a JWT token. Can be used in other contexts.
• Utilities to create/parse JWKs
• Create a JWK thumbprint
• Opinionated ACME client library only suited to our usage and currently only supports requesting a x509 certificate (no refresh or revocation flow)
• Haskell FFI to use the method to generate an access token in wire-server
• A cli for using the access token validation method in the acme server written in Go