How to use simple symetric key

traefik-plugins / traefik-jwt-plugin

Traefik plugin which checks JWT tokens for required fields. Supports Open Policy Agent (OPA) and signature validation with JWKS

Apache License 2.0

98 stars 34 forks source link

How to use simple symetric key #45

Closed hpsjakob closed 1 year ago

hpsjakob commented 1 year ago

Hi,

I'm trying to use this plugin with a simple symmetric key. For example: Eekee9saaBus7shoh1hau6lahYo9ah. I tried to specify it in the config like this:

jwt:
  Keys:
    - Eekee9saaBus7shoh1hau6lahYo9ah
  Alg: HS254

But I get the following error:

Invalid configuration, expecting a certificate, public key or JWK URL

The readme stats:

Allowed values include certificates, public keys, symmetric keys.

However, I did not get how to specify my symmetric key here. Could you give me a hint how to achieve this?

Thank you for your time in advance!

eshepelyuk commented 1 year ago

Hello This plugin support only PEM encoded "keys". You can't pass an arbitrary string. Nothing more I can help with :(

Firestorm7893 commented 1 year ago

Unfortunately software like organizr only supports a simple simmetric key, I'll see if I can implement it somehow myself

blagerweij commented 1 year ago

Currently the only way to use symmetric keys is using the JWKS url. For instance:

{ "keys": [ { "kty": "oct", "alg": "HS256", "kid": "foobar", "k": "Fdh9u8rINxfivbrianbbVT1u232VQBZYKx1HGAGPt2I" } ] } (Where 'k' is the base64 encoded symmetric key). If you want to specify the key using the config file, we'll need to adjust the 'ParseKeys' method.