expo-crypto-dpop
Expo Crypto DPoP
RFC 9449 표준 기반 DPoP(Demonstrating Proof-of-Possession) 인증 모듈. EC P-256 키 쌍을 안전하게 생성·보관하고, OAuth 2.0 액세스 토큰에 암호학적으로 바인딩된 DPoP 증명 JWT를 생성합니다.
When to Apply
Reference this skill when:
- DPoP 인증을 구현할 때
- OAuth 2.0 토큰 바인딩이 필요할 때
- RFC 9449 관련 작업 시
- Axios 인터셉터에 DPoP 헤더를 추가할 때
- 앱 재설치 후 키 관리가 필요할 때
DPoP 개요
Bearer 토큰의 보안 취약점을 해결하는 RFC 9449 확장 메커니즘:
- 요청마다 개인 키로 서명된 DPoP 증명 JWT 전송
- 서버가 공개 키로 서명 검증하여 정당한 클라이언트 확인
- 탈취된 토큰도 개인 키 없이는 사용 불가
More from boostbrothers/agent-skills
vercel-react-best-practices
React, React Native, and Next.js performance optimization guidelines from Vercel Engineering. This skill should be used when writing, reviewing, or refactoring React/React Native/Next.js code to ensure optimal performance patterns. Includes framework-specific solutions (Next.js, Vite, CRA) and library alternatives (SWR vs React Query, Jotai). Triggers on tasks involving React components, Next.js pages, React Native apps, data fetching, bundle optimization, or performance improvements.
13web-design-guidelines
Web design and accessibility guidelines for modern web applications. Use when creating, reviewing, or refactoring UI components to ensure best practices for styling, animations, accessibility, and color contrast.
12vercel-composition-patterns
React composition patterns that scale. Use when refactoring components with
10vercel-react-native-skills
React Native and Expo best practices for building performant mobile apps. Use
8prd-workflow
PRD generation and acceptance test workflow for product development. Use when creating PRDs from JIRA/Confluence/Figma data, generating UI/UX acceptance test checklists, or uploading test documents to Confluence.
1react-native-naver-map
Naver Map SDK React Native wrapper for rendering maps with overlays, markers, clustering, camera control, and location tracking. Use when working with 네이버 지도, naver map, map overlay, marker clustering, path overlay, or NaverMapView.
1