TechQA.

How to find the JOSE signing key?

283 views Asked by At

My goal is to determine which kid is used to sign a specific payload:

      try {
        bearerToken = getBearerToken(req.headers);
        console.log("token", { bearerToken });
    
        // if the bearerToken is signed by another kid, how do i know which key to use?
    
        let verifyBearerTokenKeystore = await jose.JWK.asKeyStore(mypubkey);
        verifyBearerTokenResult = await jose.JWS.createVerify(
          verifyBearerTokenKeystore
        ).verify(bearerToken);
      } catch (e) {
        console.error(e);
        return res.status(403).send("invalid bearer token");
      }

Full source

If I purposely broke this "kid": "z2U_owemqRLOQYEhiSX1fUrPp72hXSG6dKy8qUvu1DY" in ks.json, I expect node-jose to say:

Error: kid z2U_owemqRLOQYEhiSX1fUrPp72hXSG6dKy8qUvu1DY not found

not

Error: no key found

How do I make it tell me the kid (key id) it expects? Furthermore how do verifiers extract the jwks_uri?

openid-connect jose node-jose
Original Q&A
0

There are 0 answers

Related Questions in OPENID-CONNECT

Related Questions in JOSE

Related Questions in NODE-JOSE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions