[QUESTION] How to get JWK for key?

jamiekurtz / onlineJwtBuilder

Web page used to generate fake, but valid, JSON Web Tokens.

GNU General Public License v3.0

29 stars 17 forks source link

[QUESTION] How to get JWK for key? #11

Closed skillful-alex closed 2 years ago

skillful-alex commented 2 years ago

I'm setting up a reverse-proxy (envoy) for validating the JWT. Envoy is waiting for the key in JWKs format. How can it be created for keys from your site? For HA256, I tried the following but it didn't work:

{"keys":[
    {
      "kty" : "oct",
      "kid" : "0afee142-a0af-4410-abcc-9f2d44ff45b5",
      "alg" : "HS256",
      "k"   : "qwertyuiopasdfghjklzxcvbnm123456"
    }
]}

skillful-alex commented 2 years ago

Valid JWK for HS256 key qwertyuiopasdfghjklzxcvbnm123456 is

{
  "keys": [
    {
      "typ": "JWT",
      "kty": "oct",
      "alg": "HS256",
      "kid": "df",
      "k": "cXdlcnR5dWlvcGFzZGZnaGprbHp4Y3Zibm0xMjM0NTY="
    }
  ]
}

The k attribute is base64 encoded.