-
-
Notifications
You must be signed in to change notification settings - Fork 82
JWK
You can initiate JSON::JWK instance from an instance of
StringHashOpenSSL::PKey::RSAOpenSSL::PKey::EC
JSON::JWK instance generated from String is automatically detected as kty=oct (shared key).
jwk = JSON::JWK.new 'shared-key'
jwk[:kty] # => :oct
jwk[:k] # => 'shared-key'Hash input is to specify each JWK element directly.
JSON::JWK.new(
kty: :RSA,
e: 'AQAB',
n: 'AK8ppaAGn6N3jDic2...'
) # => RSA public keyOpenSSL::PKey::RSA and OpenSSL::PKey::EC are for kty=RSA and kty=EC, and both public and private key are supported.
private_key = OpenSSL::PKey::RSA.generate(2048)
public_key = private_key.public_key
JSON::JWK.new(private_key) # => JWK including RSA private key components
JSON::JWK.new(public_key)This gem also defines OpenSSL::PKey::RSA#to_jwk and OpenSSL::PKey::EC#to_jwk.
private_key = OpenSSL::PKey::RSA.generate(2048)
private_key.to_jwkYou can set kid or any extensional attributes by passing option hash as 2nd argument.
JSON::JWK.new(
private_key,
kid: 'default'
)If the input is a Hash, put all extensional attributes in the 1st hash.
JSON::JWK.new(
kty: :RSA,
e: 'AQAB',
n: 'AK8ppaAGn6N3jDic2...',
kid: 'default'
)JSON::JWK.new(hash) should works.
If you want convert an JSON::JWK instance to OpenSSL::PKey::RSA or OpenSSL::PKey::EC instance, call JSON::JWK#to_key.
jwk = JSON::JWK.new(
kty: :RSA,
e: 'AQAB',
n: 'AK8ppaAGn6N3jDic2...'
)
jwk.to_key # => OpenSSL::PKey::RSA`JSON::JWK.decode also does JSON::JWK.new(input).to_key internally for backward compatibility.
[RFC7638] JSON Web Key (JWK) Thumbprint is also supported.
Just call JSON::JWK#thumbprint.
jwk = JSON::JWK.new public_key
jwk.thumbprint