ggicci / caddy-jwt

🆔 Caddy Module JWT Authentication
MIT License

add support for EdDSA signing keys #82

Closed artooro closed 3 months ago

artooro commented 3 months ago

When using caddy-jwt with an ed25519 key, I was not able to get it to work. The caddy log would always show

{"provider": "jwt", "error": "could not verify message using any of the signatures or keys"}

The code change in this PR checks if the signing key is using the EdDSA algorithm, of which ed25519 is practically the only key type ever used, and then adds it to the key sink as the proper type.
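An added example, not code from this PR, from caddy-jwt, or from the JWT library it uses: a standard-library-only Go verifier that picks its algorithm from the Go type of the key, showing why the same 32 bytes verify an EdDSA token only once they are typed as an Ed25519 public key. `typedKey`, `verify` and `sampleToken` are hypothetical names, the dispatch-by-key-type design is an assumption, and the key and token are constructed test values.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)
var b64 = base64.RawURLEncoding

// typedKey (hypothetical helper) gives configured key bytes the Go type the alg needs.
func typedKey(alg string, raw []byte) any {
	if alg == "EdDSA" {
		return ed25519.PublicKey(raw) // typed, so the EdDSA verifier is selected
	}
	return raw // HS256: the raw octets are the shared secret
}

// verify checks a compact JWS with the configured alg, never the token header's alg.
func verify(token, alg string, key any) bool {
	i := strings.LastIndex(token, ".")
	sig, err := b64.DecodeString(token[i+1:])
	if i < 0 || err != nil {
		return false
	}
	msg := []byte(token[:i])
	switch k := key.(type) {
	case ed25519.PublicKey:
		return alg == "EdDSA" && len(k) == ed25519.PublicKeySize && ed25519.Verify(k, msg, sig)
	case []byte:
		mac := hmac.New(sha256.New, k)
		mac.Write(msg)
		return alg == "HS256" && hmac.Equal(mac.Sum(nil), sig)
	}
	return false
}

func sampleToken() (string, []byte) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed all-zero test seed
	msg := b64.EncodeToString([]byte(`{"alg":"EdDSA"}`)) + "." + b64.EncodeToString([]byte(`{"sub":"demo"}`))
	return msg + "." + b64.EncodeToString(ed25519.Sign(priv, []byte(msg))), priv.Public().(ed25519.PublicKey)
}

func main() {
	tok, raw := sampleToken()
	fmt.Println("untyped:", verify(tok, "EdDSA", raw), "typed:", verify(tok, "EdDSA", typedKey("EdDSA", raw)))
}
```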

ggicci commented 3 months ago

Have you tried setting the sign_alg value?

ggicci commented 3 months ago

If setting sign_alg doesn't work, could you help add a unit test to this fix? TIA :)

artooro commented 3 months ago

@ggicci yes of course, sign_alg was set to EdDSA in my testing. The entire Caddyfile I used for testing was:

{
    order jwtauth before basicauth
}

:8853 {
    jwtauth {
        sign_key "...."
        sign_alg EdDSA
        from_header X-Auth-Token
    }

    respond "it worked"
}

Can look at adding unit tests to this PR as well.

artooro commented 3 months ago

@ggicci unit test added, hope it's OK to merge now.

ggicci commented 3 months ago

Thank you!