search

panva / jose

JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes.
MIT License
5.4k stars 309 forks source link

Minor error in example #112 #682

Closed erwanvivien closed 3 months ago

erwanvivien commented 3 months ago

What happened?

https://github.com/panva/jose/issues/112

The decode example should be this I think:

import { importJWK, jwtVerify, compactDecrypt } from 'jose'

const decode = TextDecoder.prototype.decode.bind(new TextDecoder());

const privateJwk = {
  e: 'AQAB',
  n: 'uDwQ0ON7rzg6w3BobsBTf9XU6bsGAfc234beMZGHYHfFx3GZqe2YC46yd0xFKY1_yJIDzhwUMOpFfqrtHxDjER-9Q2Lwap3VLad6p3KRf-WAkEWxpgk7fkdQEkrqyxlC5GPRnwUXQ0NRlPRRgFVvlIcRQU5GG-gbPqAhM0UcdFS4He82a1YozQyByC3TG7K3gVBzeh-yT2psbpgl4UeuTnpwlRgrqxYY-PQsBHnEWJ2C7L9bZFGmUNrCOsOqe2ngJvdVit-UJKtXQ7CRx0jpR9l1d0_B0iCEi1ic6hacxYO5QMmV8tQPHHnhB2QA5zAvjXC7fIxlZoGRb1oqhZ147w',
  d: 'QFgyI1Kf-wVveJzEzJF9WDNthihco8kcsBrhdXx3RJjwSYUCfxfNN5Qh_opzyVxzGbDthUnHP4JCvUejQ2tZcrycFHH0t7fiIWzR6LOZ34pfSYQd1Hh6_9KWQ51IvaBX_X5jUt-rTUGwt45Q_LpaGwzFWQKmd86r3UZ98fMcSgBIKtbZwWPd-paDC5OjOOk9fXBaAhXq19yNIQCVrCdyA9z8YD4JObTzNKxr8tdbXnQ0PqoA0VYf-ifev8uF7Q5gFDfFhARZjnssE9ZPZxMgFVF3ZE9Cg5pWjB7W-IMtnHUFtkEjHKG-ZNw2kzSDOekpJHdpBXHobq2gMTqUwFHj0Q',
  p: '8gIlcIOzQV1iJwImre5CtJ7hnhRTaNalrjeaB1BBOCGvYEjJ76GVvMVvWrXnAHhh8OYk9n-mOnRgu0BELpXA5IKDM8uEwukf2lH4mUka15vpQhdLN9qGekp-PBBIQLoQsN4yqUpRgMhYN5MKHYdM4IralAFC_1Fba44HXJYtX-c',
  q: 'wuLWQmgxtrNb9LnaBLP4O6BpwxV47i0F9Z2_PojTZEbGS-LU_YIIqmJuL0DHjZ9Yc7H06lSmCcJ2o7K_N0NZObWRRSu-kI4WwAc4z_qIlSxI0WnO2DQlBBAvcikLxZLf0lbE8bdXlc3jrypA4ADZgq-udrPQQwNPKaPHNkaaHbk',
  dp: 'KUQSbEAYxdGNlgc43zmcaD4bTKA8pMjNEYrrmcmmhVLBG9LtlA3igYDM_xO7Ywoj8TbdIKcdiiQkBmnr9mGUtaJHiwJuDepAgzKtCD499HviZ2GfctOxUJL5OXaxS1Au3mnVC6bfhO0klb1d4TEb-8HRiaE5cl3GD-309WWqMQs',
  dq: 'fz_t9t5h15G1cU4I9Rkt9IEBjcfvdlUflwixXvuoS8mKoPIzcHP_hIFQwLnjkq2A68o-yOMMp0K6hJiqEkN_dxb_C9NMUsb0Q95zUhmcJQsNYO9dh_5ETSrkT_5NGWyViJnvboTwQ3h0OmO0iI8FdzePCyLN0XPPtLij0uS2rME',
  qi: 'MP79AE4ZRtH-eVSnC6Pkzrg1qbdjCKd6mj8zZPsfNu2-8JOR_vhqN2927sH4Zou2V-m7lq0EO7xp_C9RZFhz99T6tbIXVJwR3GewGjwGc3DRuD9ih91dM1qfyApGUTN6G0jOhIaTKbBpMn1MUUZ7haBht4iypLMIfrLBNW6sLYY',
  kty: 'RSA',
  use: 'enc'
}
const privateKey = await importJWK(privateJwk, 'RSA-OAEP-256')

// decrypt the JWE
const { plaintext: decryptedJwt } = await compactDecrypt(jwe, privateKey) // Changed let to const

const issuerPublicJwk = {
  crv: 'P-256',
  kid: 'd2bwmrR5AoI9A0FgNTFxtcNyTPlQTinRxuXUG9uOOWY',
  kty: 'EC',
  x: 'FM3c0AK77LZbxb2LCmUI-Y83DpX04HfakfD1fgfaMVw',
  y: 'fw7dMgz5uHqxbAaYUwgz0IarSIXfkGFP0qTDyC_rkx0'
}

// validate the JWT
const publicKey = await importJWK(issuerPublicJwk, 'ES256')

const { protectedHeader, payload } = await jwtVerify(decode(decryptedJwt), publicKey) // Changed here jwt to decryptedJwt
console.log(payload)

I changed

Version

v5.4.0

Runtime

Other (I will specify below)

Runtime Details

Examples

Code to reproduce

The one in the example

Required

panva commented 3 months ago

Thank you. I've updated the jwt var name.