Open elenatorroglosa opened 6 years ago
@elenatorroglosa
Hi!
Well, I could add a milestone for that.
I suppose that possible solution for JWK support in current version is a custom JWTStringCoder__Protocol
object.
NSString *jwkSecretInsideObject = @"{/*jwk*/}";
id<JWTAlgorithmDataHolderProtocol> holder = [JWTAlgorithmRSFamilyDataHolder new].stringCoder([JWKStringCoder new]).secret(jwkSecretInsideObject).algorithmName(@"RS256");
Inside string coder you could extract necessary items and make further conversion of keys base64 format into bytes.
Alternative, you could use JWTCryptoKey
API for conversion public and private keys base64 formatted strings into raw Security framework keys.
@protocol JWTCryptoKey__Generator__Protocol
- (instancetype)initWithBase64String:(NSString *)base64String parameters:(NSDictionary *)parameters error:(NSError *__autoreleasing*)error;
@end
So, extract keys from JWK.
NSDictionary *jwk = [/*json to dictionary*/];
// extract keys
NSString *publicKey = /*extract from JWK dictionary*/;
NSString *privateKey = /*extract from JWK dictionary*/;
// and put them into appropriate key.
// pass nil parameters
NSDictionary *parameters = nil;
NSError *theError = nil;
NSError **error = &theError;
id publicJWTKey = [[JWTCryptoKeyPublic alloc] initWithBase64String:(NSString *)publicKey parameters:(NSDictionary *)parameters error:(NSError *__autoreleasing*)error];
id privateJWTKey = [[JWTCryptoKeyPrivate alloc] initWithBase64String:(NSString *)privateKey parameters:(NSDictionary *)parameters error:(NSError *__autoreleasing*)error]
And set them as verifyKey() or signKey(). ( Fluent API of JWTDataHolder
for RSFamily
).
New Issue Checklist
Issue Info
Issue Description and Steps
I would sincerely appreciate having support for the JWK format to use as input to the decoding and validation function with RS256. Do you have the foresight to include this function in the library? Meanwhile, is there any way or shortcut to dynamically convert from JWK to PEM, which is the format currently supported by the library? Thank you very much in advance.