-
-
Notifications
You must be signed in to change notification settings - Fork 81
JWK
You can initiate JSON::JWK instance from an instance of
StringHashOpenSSL::PKey::RSAOpenSSL::PKey::EC
JSON::JWK instance generated from String is automatically detected as kty=oct (shared key).
jwk = JSON::JWK.new 'shared-key'
jwk[:kty] # => :oct
jwk[:k] # => 'shared-key'Hash input is to specify each JWK element directly.
JSON::JWK.new(
kty: :RSA,
e: 'AQAB',
n: 'AK8ppaAGn6N3jDic2...'
) # => RSA public keyOpenSSL::PKey::RSA and OpenSSL::PKey::EC are for kty=RSA and kty=EC, and both public and private key are supported.
private_key = OpenSSL::PKey::RSA.generate(2048)
public_key = private_key.public_key
JSON::JWK.new(private_key) # => JWK including RSA private key components
JSON::JWK.new(public_key)This gem also defines OpenSSL::PKey::RSA#to_jwk and OpenSSL::PKey::EC#to_jwk.
private_key = OpenSSL::PKey::RSA.generate(2048)
private_key.to_jwkYou can set kid or any extensional attributes by passing option hash as 2nd argument.
If explicit kid isn't given, this gem tries to caluculate JWK thumbprint value and set it as the default kid.
JSON::JWK.new(
private_key,
kid: 'default'
)If the input is a Hash, put all extensional attributes in the 1st hash.
JSON::JWK.new(
kty: :RSA,
e: 'AQAB',
n: 'AK8ppaAGn6N3jDic2...',
kid: 'default'
)JSON::JWK.new(hash) should works.
If you want convert an JSON::JWK instance to OpenSSL::PKey::RSA or OpenSSL::PKey::EC instance, call JSON::JWK#to_key.
jwk = JSON::JWK.new(
kty: :RSA,
e: 'AQAB',
n: 'AK8ppaAGn6N3jDic2...'
)
jwk.to_key # => OpenSSL::PKey::RSA`JSON::JWK.decode also does JSON::JWK.new(input).to_key internally for backward compatibility.
[RFC7638] JSON Web Key (JWK) Thumbprint is also supported.
Just call JSON::JWK#thumbprint.
jwk = JSON::JWK.new public_key
jwk.thumbprint