Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

example for RS256 openssl #125

Merged
merged 1 commit into from
Jun 19, 2017
Merged

example for RS256 openssl #125

merged 1 commit into from
Jun 19, 2017

Conversation

HenryNe
Copy link

@HenryNe HenryNe commented Nov 21, 2016
edited
Loading

An example with RS256 with encode and decode.
Keys are created by openssl and inline to make the example complete as single file.

openssl genrsa -out private.key 1024
openssl rsa -in private.key -pubout > pubkey.key

@googlebot
Copy link

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.

  • If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
  • If you signed the CLA as a corporation, please let us know the company's name.

1 similar comment
@googlebot
Copy link

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.

  • If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
  • If you signed the CLA as a corporation, please let us know the company's name.

@HenryNe
Copy link
Author

HenryNe commented Nov 21, 2016

I signed it!

@googlebot
Copy link

CLAs look good, thanks!

@robertdimarco
Copy link

Neat!

@robertdimarco robertdimarco merged commit d6b3174 into firebase:master Jun 19, 2017
@BVMiko BVMiko mentioned this pull request Aug 17, 2017
Merged
serroba
serroba reviewed Nov 23, 2017
View reviewed changes
README.md
"nbf" => 1357000000
);

$jwt = JWT::encode($token, $privateKey, 'RS256');
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pardon my ignorance. I would have thought that we should encode with the public key and decode with the private one.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are wrong.
encode with private, so only you can sign the data.
JWT with public key is for checking signature, not for hiding information.
Information is base64 coded. See red header and payload on https://jwt.io/

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the explanation. Appreciated

@gbharath5182
Copy link

Hi, I am having the key like below
{
"keys":
[{"kty":"RSA",
"kid":"",
"use":"sig",
"n":"",
"e":"AQAB",
"x5c":[""],
"x5t":""}]}
Need assistance in verifying the signature using Firbase.JWT library in php.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@serroba serroba serroba left review comments

Assignees
No one assigned
Labels
cla: yes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@HenryNe @googlebot @robertdimarco @gbharath5182 @serroba