Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signing JWT with RS512 #3

Closed
coylums opened this issue Feb 6, 2019 · 4 comments
Closed

Signing JWT with RS512 #3

coylums opened this issue Feb 6, 2019 · 4 comments

Comments

@coylums
Copy link

coylums commented Feb 6, 2019

Hello, I'm working with Jose and trying to sign a JWT with RS512, a requirement from an API I'm using. When I attempt to include the RS512 algorithm I get type 'RSASigner' is not a subtype of type 'Mac' with the Create a JWS example. I don't know if this is an issue with the package or how I'm trying to use RS512. Thank you.
@joaoritter
Copy link

+1 for RSA256.

@mdevalk
Copy link

mdevalk commented Jun 11, 2019

Hi @coylums, any news on this? Did you get it resolved?

@ljbdelacruz
Copy link

hi any news on this? still having issues with JWT :( same error

@rbellens
Copy link
Contributor

You'll first need a key to do the signing. Depending on the application, you'll need to use a key that is provided to you or you can generate one for example with the following openssl command:

ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS512.key

Next, you'll need to parse the key and transform it to a JsonWebKey object. Depending on the format the key is stored in, you'll need to use the appropriate library. For example, for keys stored in pem format, you can use the package x509.

Finally, you can use this JsonWebKey for signing a jwt.

See example7 in the examples file for a full example.

jose/example/jose_example.dart

Lines 264 to 317 in 6b3eb03

// create a JWT, sign with RS512
void example7() async {
var claims = JsonWebTokenClaims.fromJson({
'exp': Duration(hours: 4).inSeconds,
'iss': 'alice',
});
// create a builder, decoding the JWT in a JWS, so using a
// JsonWebSignatureBuilder
var builder = JsonWebSignatureBuilder();
// set the content
builder.jsonContent = claims.toJson();
// add a key to sign, can only add one for JWT
var key = _readPrivateKeyFromFile('example/jwtRS512.key');
builder.addRecipient(key, algorithm: 'RS512');
// build the jws
var jws = builder.build();
// output the compact serialization
print('jwt compact serialization: ${jws.toCompactSerialization()}');
}
JsonWebKey _readPrivateKeyFromFile(String path) {
var v = parsePem(File(path).readAsStringSync()).first;
var keyPair = (v is PrivateKeyInfo) ? v.keyPair : v as KeyPair;
var pKey = keyPair.privateKey as RsaPrivateKey;
print(pKey);
String _bytesToBase64(List<int> bytes) {
return base64Url.encode(bytes).replaceAll('=', '');
}
String _intToBase64(BigInt v) {
return _bytesToBase64(v
.toRadixString(16)
.replaceAllMapped(RegExp('[0-9a-f]{2}'), (m) => '${m.group(0)},')
.split(',')
.where((v) => v.isNotEmpty)
.map((v) => int.parse(v, radix: 16))
.toList());
}
return JsonWebKey.fromJson({
'kty': 'RSA',
'n': _intToBase64(pKey.modulus),
'd': _intToBase64(pKey.privateExponent),
'p': _intToBase64(pKey.firstPrimeFactor),
'q': _intToBase64(pKey.secondPrimeFactor),
'alg': 'RS512',
'kid': 'some_id'
});

@digitalrbnz digitalrbnz mentioned this issue Nov 10, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@coylums @mdevalk @joaoritter @rbellens @ljbdelacruz