Feature Request: Support JSON Web Key Sets (JWKS) #57
Comments
|
@grempe As soon as the appropriate WebCryptoAPIs (SubtleCrypto.importKey) land in Deno you'll be able to do import { createRemoteJWKSet, jwtVerify } from 'https://deno.land/x/jose@VERSION/index.ts'
const JWKS = createRemoteJWKSet(new URL('https://login.truestamp.com/.well-known/jwks.json'))
async function verify(jwt: string) {
const { payload, protectedHeader } = await jwtVerify(jwt, JWKS, {
issuer: 'urn:example:issuer',
audience: 'urn:example:audience'
})
return { payload, protectedHeader }
} |
|
Thanks @panva for the comment and example. I will keep an eye on your JOSE implementation and its Deno support. |
|
Thanks @panva ! I would recommend using https://deno.land/x/jose for more complex applications. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Supporting the retrieval and use of JWKS public keys would be very helpful. This would allow secure use of public key JWT signatures provided by Auth0, Okta, and other JWKS providers. This would allow client or server side tools to validate JWT's signed by Auth0, Okta, and other identity providers.
https://auth0.com/docs/tokens/json-web-tokens/json-web-key-sets
https://developer.okta.com/code/dotnet/jwt-validation/
Here's a sample of a live JWKS keyset:
https://login.truestamp.com/.well-known/jwks.json
Here is a similar project from Auth0 that pulls in a JWKS set for use in their Node Express lib that might provide inspiration for the API:
https://github.com/auth0/node-jwks-rsa
The text was updated successfully, but these errors were encountered: