You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Looking closer within JwksClient.js, it seems to not filter out the keys properly. By default, the kty value in this was RSA, but our Ping implementation used EC keys. I swapped that, but the following code produces an undefined list of "keys"...
This is our JWKS file example: {"keys":[{"kty":"EC","kid":"k9","use":"sig","alg":"ES512","x":"<value>","y":"<value>","crv":"P-521"},{"kty":"EC","kid":"k8","use":"sig","alg":"ES384","x":"<value>","y":"<value>","crv":"P-384"},{"kty":"EC","kid":"k7","use":"sig","alg":"ES256","x":"<value>","y":"<value>","crv":"P-256"},{"kty":"EC","kid":"k3","use":"sig","alg":"ES512","x":"<value>","y":"<value>","crv":"P-521"},{"kty":"EC","kid":"k2","use":"sig","alg":"ES384","x":"<value>","y":"<value>","crv":"P-384"},{"kty":"EC","kid":"k1","use":"sig","alg":"ES256","x":"<value>","y":"<value>","crv":"P-256"},{"kty":"EC","kid":"jx","use":"sig","alg":"ES512","x":"<value>","y":"<value>","crv":"P-521"},{"kty":"EC","kid":"jw","use":"sig","alg":"ES384","x":"<value>","y":"<value>","crv":"P-384"},{"kty":"EC","kid":"jv","use":"sig","alg":"ES256","x":"<value>","y":"<value>","crv":"P-256"}]}
The text was updated successfully, but these errors were encountered:
After further review... This node package only accounts for RSA type keys. Nothing to do with EC keys.
I have rewritten the bits in JwksClient.js to account for these types of keys. My question to all of you is, should the package be renamed and include functionality for EC keys? or should it be its own package.
Looking closer within JwksClient.js, it seems to not filter out the keys properly. By default, the kty value in this was RSA, but our Ping implementation used EC keys. I swapped that, but the following code produces an undefined list of "keys"...
var signingKeys = keys.filter(function (key) { return key.use === 'sig' && key.kty === 'EC' && key.kid && (key.x5c && key.x5c.length || key.n && key.e); }).map(function (key) { if (key.x5c && key.x5c.length) { return { kid: key.kid, nbf: key.nbf, publicKey: (0, _utils.certToPEM)(key.x5c[0]) }; } else { return { kid: key.kid, nbf: key.nbf, rsaPublicKey: (0, _utils.rsaPublicKeyToPEM)(key.n, key.e) }; } });
This is our JWKS file example:
{"keys":[{"kty":"EC","kid":"k9","use":"sig","alg":"ES512","x":"<value>","y":"<value>","crv":"P-521"},{"kty":"EC","kid":"k8","use":"sig","alg":"ES384","x":"<value>","y":"<value>","crv":"P-384"},{"kty":"EC","kid":"k7","use":"sig","alg":"ES256","x":"<value>","y":"<value>","crv":"P-256"},{"kty":"EC","kid":"k3","use":"sig","alg":"ES512","x":"<value>","y":"<value>","crv":"P-521"},{"kty":"EC","kid":"k2","use":"sig","alg":"ES384","x":"<value>","y":"<value>","crv":"P-384"},{"kty":"EC","kid":"k1","use":"sig","alg":"ES256","x":"<value>","y":"<value>","crv":"P-256"},{"kty":"EC","kid":"jx","use":"sig","alg":"ES512","x":"<value>","y":"<value>","crv":"P-521"},{"kty":"EC","kid":"jw","use":"sig","alg":"ES384","x":"<value>","y":"<value>","crv":"P-384"},{"kty":"EC","kid":"jv","use":"sig","alg":"ES256","x":"<value>","y":"<value>","crv":"P-256"}]}
The text was updated successfully, but these errors were encountered: