phil/ezidam
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ezidam: added jwks route in well-known

Browse source
This commit is contained in:
Philippe Loctaux 2023-03-12 18:46:58 +01:00
parent 8c37fc1181
commit d62cfcd1d9
6 changed files with 94 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
crates/jwt/src/error.rs
View file

@ -17,4 +17,7 @@ pub enum Error {
#[error("Failed to parse JWT: `{0}`")]
JwtParsing(#[from] jwt_compact::ParseError),
#[error("Failed to serialize JWK: `{0}`")]
JwkSerialization(#[from] serde_json::Error),
}

28
crates/jwt/src/key/public.rs
View file

@ -1,3 +1,4 @@
use crate::database::Key;
use crate::jwk::JsonWebKey;
use crate::Error;
use id::KeyID;
@ -5,12 +6,21 @@ use jwt_compact::alg::{Rsa, RsaPublicKey, StrongKey};
use jwt_compact::jwk::JsonWebKey as JsonWebKeyBase;
use jwt_compact::Algorithm;
use rsa::pkcs1::{DecodeRsaPublicKey, EncodeRsaPublicKey};
use serde_json::Value;
pub struct PublicKey {
id: KeyID,
key: RsaPublicKey,
}
impl TryFrom<Key> for PublicKey {
type Error = Error;
fn try_from(key: Key) -> Result<Self, Self::Error> {
PublicKey::from_der(key.public_der(), key.key_id())
}
}
impl PublicKey {
pub fn new(id: &KeyID, key: StrongKey<RsaPublicKey>) -> Self {
Self {
@ -30,12 +40,16 @@ impl PublicKey {
})
}
pub fn jwk(&self) -> JsonWebKey {
JsonWebKey {
pub fn jwk(&self) -> Result<Value, Error> {
Ok(serde_json::to_value(JsonWebKey {
base: JsonWebKeyBase::from(&self.key),
key_id: self.id.as_ref(),
algorithm: Rsa::ps256().name(),
}
})?)
}
pub fn key_id(&self) -> &KeyID {
&self.id
}
}
@ -82,11 +96,13 @@ mod tests {
let premade_der = include_bytes!("../../tests/public_key.der");
let public_key = PublicKey::from_der(premade_der, &key_id).unwrap();
let generated_jwk = serde_json::to_string(&public_key.jwk());
// Generate jwk
let generated_jwk = public_key.jwk();
assert!(generated_jwk.is_ok());
let jwk = r#"{"kty":"RSA","n":"3os0j_kNfdTHJVQ-eMYXyRBWIqsrJDdELxLAh3_WlOZtsBwiGVNnpHQm9cRB63Un9UJpYGbWz38emglXc8bHPrUArDl-K_5ioDlbh7hAaz3rZ6b8LDIPUO-jYICdxBdv1THXSWbTEistZF1TYsXg7G4xrxiFKnZLBNaSgJrKOAY8AUNWuby-vZKr5X9e3SG7kvPsUITyqSmDz4ZTCj4QScx4O9gyqz1_UEBxTRSKcpS82YzAo2Byo5avRWesiGoaxs8lNv0QJ22IY1KVoROv3hHFeFEcg3D4NTfFG2Cd8d1OMXfILhtFnQZbt5ZxIG9SCOfirn32-9OtoLemKlgSq0gbLf6t1OK12LK6mIJ78pphlnhHdvHeJ75PV6c2lS2Wwd75NYBJzhIojG4U4Lbpe7T_NDFaxExry_7V5oxX8tbb-OzJnuPOQRR0H5uOBjdVo7i5vjnDKOTDpro3XPQjBbIBkABhDdU2FcXkEbl8_ByyYZZni7ekzGrVSJB_vxvv","e":"AQAB","kid":"SgTG8ulMHAp5UsGWuCclw36zWsdEo5","alg":"PS256"}"#;
let generated_jwk = generated_jwk.unwrap();
// Convert to string to verify easily
let generated_jwk = serde_json::to_string(&generated_jwk.unwrap()).unwrap();
let jwk = r#"{"alg":"PS256","e":"AQAB","kid":"SgTG8ulMHAp5UsGWuCclw36zWsdEo5","kty":"RSA","n":"3os0j_kNfdTHJVQ-eMYXyRBWIqsrJDdELxLAh3_WlOZtsBwiGVNnpHQm9cRB63Un9UJpYGbWz38emglXc8bHPrUArDl-K_5ioDlbh7hAaz3rZ6b8LDIPUO-jYICdxBdv1THXSWbTEistZF1TYsXg7G4xrxiFKnZLBNaSgJrKOAY8AUNWuby-vZKr5X9e3SG7kvPsUITyqSmDz4ZTCj4QScx4O9gyqz1_UEBxTRSKcpS82YzAo2Byo5avRWesiGoaxs8lNv0QJ22IY1KVoROv3hHFeFEcg3D4NTfFG2Cd8d1OMXfILhtFnQZbt5ZxIG9SCOfirn32-9OtoLemKlgSq0gbLf6t1OK12LK6mIJ78pphlnhHdvHeJ75PV6c2lS2Wwd75NYBJzhIojG4U4Lbpe7T_NDFaxExry_7V5oxX8tbb-OzJnuPOQRR0H5uOBjdVo7i5vjnDKOTDpro3XPQjBbIBkABhDdU2FcXkEbl8_ByyYZZni7ekzGrVSJB_vxvv"}"#;
assert_eq!(jwk, generated_jwk);
}
}