Open drewpitchford opened 6 years ago
@drewpitchford Complicated example. However, check parameters:
NSString *alg = @"HS256";
[JWTAlgorithmRSFamilyDataHolder new].algorithmName(alg);
Something wrong here. Algorithm should be "RS256".
Besides, try to separate code in pieces.
NSString *alg = @"HS256";
id<JWTAlgorithmDataHolderProtocol> signHolder = [JWTAlgorithmRSFamilyDataHolder new].algorithmName(alg).secret([[self.sdkEphemeralPrivateKeyJwk dataUsingEncoding:NSUTF8StringEncoding] base64EncodedStringWithOptions:0]);
You can't check here secret that you pass to holder. Also you can't check data from which you create base64 string.
NSString *alg = @"HS256";
NSData *secretData = [self.sdkEphemeralPrivateKeyJwk dataUsingEncoding:NSUTF8StringEncoding];
NSString *secretString = [secretData base64EncodedStringWithOptions:0];
id<JWTAlgorithmDataHolderProtocol> signHolder = [JWTAlgorithmRSFamilyDataHolder new]
.algorithmName(alg)
.secret(secretString);
It becomes a bit readable.
Yes, I agree it's not clean code. It's a proof of concept for now. I'll try RS256.
@lolgear Does this lib support JWE? I don't see any specific mention of it anywhere.
To be clear, JWE format such as x.x.x.x.x
rather than JWS 'x.x.x'
@drewpitchford No, it doesn't support it yet.
New Issue Checklist
Issue Info
Issue Description and Steps
I am integrating JWT into an SDK I am writing. When attempting to encrypt and sign some info to send to our server, I get errors in the signature. I double checked by pasting the encrypted data into jwt.io's tool. It decrypts the headers and payload fine; the only issue is "Signature is invalid". I've basically copy/pasted the example from the docs and still see this error. Below is my code
Is there something I'm missing here? I'd appreciate any help! Thanks!