DefaultSigner should support key rotation
mitar opened this issue · 0 comments
mitar commented
Preflight checklist
- I could not find a solution in the existing issues, docs, nor discussions.
- I agree to follow this project's Code of Conduct.
- I have read and am following this repository's Contribution Guidelines.
- I have joined the Ory Community Slack.
- I am signed up to the Ory Security Patch Newsletter.
Ory Network Project
No response
Describe your problem
It looks to me like there is no simple way to rotate the keypair? DefaultSigner and its GetPrivateKey allows only one key to be returned?
Describe your ideal solution
I think DefaultSigner should also have a method like GetRotatedPrivateKeys which would be used only for validating. Similar to how there is GlobalSecret and RotatedGlobalSecrets.
Workarounds or alternatives
I could implement my own Signer but it would be better if this is part of fosite.
Version
v0.45.0
Additional Context
No response