RSA Support

[Blacksmoke16]

Any update on RSA algorithm support?

[greyblake]

@Blacksmoke16 Unfortunately no. We're waiting for some RSA shard to appear :)

[feliksg]

There is this one: https://github.com/randomstate/openssl_ext

[Blacksmoke16]

Any updates on this? Trying to work with an SSO flow that uses RS/ES256 keys to sign their JWT tokens, and current I can't verify them.

[stakach]

@Blacksmoke16 I have an open pull request for this at #21 In the mean time you can add:

dependencies:
  jwt:
    github: stakach/jwt

to use RSA

[Blacksmoke16]

Great thanks! Do you happen to know if it would now be possible to validate a JWT with a key from a JWKS endpoint? E.x. https://login.eveonline.com/oauth/jwks

Or should I make another issue as a feature request to support this?

[stakach]

Yeah you're right. I'll implement verification with the public key

[stakach]

OK public key verification is in!

[Dan-Do]

Hi guys, Please take a look at my usage on RSA & JWT::Algorithm::RS256 rsa = OpenSSL::PKey::RSA.new(1024) puts rsa.to_der #private_key puts rsa.public_key.to_der #public_key

Save the above private and public keys for later use. payload = {"foo" => "bar", "exp" => Time.local.to_unix} token = JWT.encode(payload, private_key, JWT::Algorithm::RS256) pp token #print correctly

payload, header = JWT.decode(token, public_key, JWT::Algorithm::RS256) pp payload pp header It raised exception Unhandled exception: Neither PUB or PRIV key: error:0D0650DF:asn1 encoding routines:c2i_uint64_int:too large (OpenSSL::PKey::RsaError)

[stakach]

The shards requires PEM format keys - DER is binary so difficult to differentiate between public and private

[Dan-Do]

It works. Thank you.