jwt: Clean up imported jwt_verify_lib to conform to Envoy standards

[Copilot]

Imported jwt_verify_lib code contained verbose Apache 2.0 headers, Google-internal references, and spelling issues that failed Envoy's CI checks.

Changes

Copyright headers (30 files)

• Replaced verbose Apache 2.0 license text with SPDX identifier format
• Updated to Copyright Envoy Project Authors (removed "The")

// Before
// Copyright 2018 Google LLC
// Copyright The Envoy Project Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License...

// After
// Copyright 2018 Google LLC
// Copyright Envoy Project Authors
// SPDX-License-Identifier: Apache-2.0

Google-internal references

• Removed borgmon, GFS/gfs, chunkserver, sstables from simple_lru_cache_inl.h comments

Spelling

• Fixed typos: convinence→convenience, tailing→trailing, implemeation→implementation, configurated→configured, paramaters→parameters, mis-match→mismatch
• Added JWT/JWK terms to dictionary: alg, crv, iss, iat, aud, jti, kty, OKP, EdDSA, Jwk
• Added supporting terms: bssl, LLC, SPDX, cpufreq, sudo, invariants, keyset
• Wrapped JSON literals in comments with double backticks: {"alg": "EdDSA"}

Impact: 31 files, -431/+104 lines

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• esm.ubuntu.com
  • Triggering command: /usr/lib/apt/methods/https /usr/lib/apt/methods/https (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

Clean up the imported jwt_verify_lib code to pass Envoy's spellcheck and conform to Envoy's copyright style.

Required Changes

1. Simplify copyright headers in all files under source/common/jwt/ and test/common/jwt/

Replace verbose Apache 2.0 license headers with this concise format:

// Copyright 2018 Google LLC
// Copyright Envoy Project Authors
// SPDX-License-Identifier: Apache-2.0

Remove all the verbose license text (the "Licensed under the Apache License..." paragraphs).

2. Remove Google-internal references in source/common/jwt/simple_lru_cache_inl.h

Remove or rewrite comments that reference Google-internal tools:

• borgmon
• sstables
• GFS/gfs
• chunkserver
• Any file paths like file/gfs/chunkserver/gfs_chunkserver.{cc,h}

These are not relevant to Envoy.

3. Fix spelling mistakes

• convinence → convenience (in jwks.cc)
• tailing → trailing (in check_audience.h)
• implemeation → implementation (in check_audience.h)
• configurated → configured (in check_audience.h)

4. Add JWT/JWK terms to spellcheck dictionary

Find Envoy's spelling dictionary (likely tools/spelling/spelling_dictionary.txt or similar) and add these standard JWT/JWK field names:

• alg
• crv
• iss
• iat
• aud
• jti
• OKP
• mru (most recently used)
• EdDSA

These are legitimate technical terms from JWT/JWK RFCs.

This pull request was created from Copilot chat.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.