-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use in real world #3
Comments
I struggled with how to handle this sort of scenario. Can you explain more about what you're trying to accomplish? That would help me figure out what the right sort of syntax would be. Suggestions welcome too! |
There are two things I could share with you base on my further experience with it. One, you could simply print out the PEM format of the multiple keys. Error: Input is not recognized. Got this on input: {"kty":"EC","alg":"ES256","use":"sig","crv":"P-256","kid":"3466d51f7dd0c780565688c183921816c45889ad","x":"cWZxqH95zGdr8P4XvPd_jgoP5XROlipzYxfC_vWC61I","y":"AK8V_Tgg_ayGoXiseiwLOClkekc9fi49aYUQpnY1Ay_y"} |
One possible design for your interface could be lokey fetch jwk login.yahoo.com to print out all the keys from login.yahoo.com similar to what yahoo does in the https://login.yahoo.com/openid/v1/certs: {"keys":[{"kty":"RSA","alg":"RS256","use":"sig","kid":"6ff94cdad11e7c3ac08dc9ec3c44844b87e364f7","n":"AL1LkSgnGk-sKqFDBrojoqvpqOwmN7tgvz0p6J9g8O_nOzXMAwzMUUs4H_FMgeNWcuE6XzJX3spVwAYBp-rBLwyXXCGbO_chhwcpBDNndlZyqS2zOvwmZYdh4MhrUnIOcA8cdDB1hqoDdKOx9M-EjuoafcgqEPA7rWsZTH6TITMP","e":"AQAB"},{"kty":"EC","alg":"ES256","use":"sig","crv":"P-256","kid":"3466d51f7dd0c780565688c183921816c45889ad","x":"cWZxqH95zGdr8P4XvPd_jgoP5XROlipzYxfC_vWC61I","y":"AK8V_Tgg_ayGoXiseiwLOClkekc9fi49aYUQpnY1Ay_y"}]} Then lokey fetch jwk login.yahoo.com | lokey to pem could simply print out the two keys in PEM formats. |
Oh, interesting. I didn't consider using the JWK format for multiple keys. That's a good idea. As far as EC keys go. I don't know enough about elliptic curve to know how easy it is to switch formats around like you can with RSA keys (my guess would be yes, but my "minimum viable product" was RSA) Lastly, I built lokey because I found myself converting keys a lot in validation code I was writing. But I have no idea how other people would use lokey - what are you using it for? |
when I did
$ lokey fetch jwk login.yahoo.com
Multiple keys found:
Printing the first key ('3466d51f7dd0c780565688c183921816c45889ad')
{"use": "sig", "crv": "P-256", "kty": "EC", "alg": "ES256", "y": "AK8V_Tgg_ayGoXiseiwLOClkekc9fi49aYUQpnY1Ay_y", "x": "cWZxqH95zGdr8P4XvPd_jgoP5XROlipzYxfC_vWC61I", "kid": "3466d51f7dd0c780565688c183921816c45889ad"}
What I would like to have is some way to get the PEM files for the two keys.
I know about the lokey to pem. But I am struggling with the correct inputs from what I can retrieve from yahoo.
The text was updated successfully, but these errors were encountered: