okta-sdk-golang
JsonWebKey struct does not support Elliptic Curve JWK
The provided implementation of the JsonWebKey structure does not include the fields needed to register an ECDSA JWK. As a result, using the structs present in the SDK, I am able to use only RSA keys.
Example of RSA-based JWK:
{
  "kty": "RSA",
  "e": "AQAB",
  "use": "sig",
  "alg": "RS256",
  "n": "kRLseeDO...<truncated>...r3hmQ"
}
Example of ECDSA-based JWK (cannot be created using structs from SDK):
{
  "kty": "EC",
  "use": "sig",
  "crv": "P-256",
  "x": "l2nXQlDxziCE...<truncated>...A",
  "y": "YPhR_peeCwla...<truncated>...w",
  "alg": "ES256"
}
The missing fields (x, y, crv) are related to Elliptic Curve keys and are noted in RFC 7517: JSON Web Key, Section 3.
I was able to register Okta Applications with both RSA and ECDSA keys while invoking POST /api/v1/apps via Postman.
@pawelaugustyn Looks like we missed those properties when updating the JWK object in our spec. I will discuss this with our team to figure out how we can get this included.
In the meantime, to unblock you, I can suggest using our feature that allows you to call endpoints directly through our SDK: https://github.com/okta/okta-sdk-golang#call-other-api-endpoints This will allow you to make a call to the current URL, while allowing you to pass in your own JWK object. If you can provide a snippet of your code, I would be happy to look at it and help you translate it over to a working version, while we work on our end to get this feature updated.
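For the "pass in your own JWK object" workaround, the EC JWK shape from the issue body can be built in Go as follows. This is an added example, not code from the issue or from the SDK: `ECJWK`, `NewP256JWK` and `PublicKey` are hypothetical names, and the key is generated on the spot. Coordinates are written as fixed-width 32-byte base64url values (leading zeros kept, as RFC 7518 Section 6.2.1 requires), and decoding rejects points that are not on P-256.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
)

type ECJWK struct { // hypothetical type, not part of the SDK; adds crv, x, y
	Kty string `json:"kty"`
	Use string `json:"use"`
	Crv string `json:"crv"`
	X   string `json:"x"`
	Y   string `json:"y"`
	Alg string `json:"alg"`
}

// NewP256JWK encodes a P-256 public key; x and y are padded to 32 bytes each.
func NewP256JWK(pub *ecdsa.PublicKey) (ECJWK, error) {
	if pub == nil || pub.Curve == nil || pub.Curve.Params().Name != "P-256" {
		return ECJWK{}, fmt.Errorf("only P-256 keys are handled here")
	}
	enc := func(v *big.Int) string { return base64.RawURLEncoding.EncodeToString(v.FillBytes(make([]byte, 32))) }
	return ECJWK{"EC", "sig", "P-256", enc(pub.X), enc(pub.Y), "ES256"}, nil
}

// PublicKey decodes the JWK and rejects wrong lengths and off-curve points.
func (j ECJWK) PublicKey() (*ecdsa.PublicKey, error) {
	xb, errX := base64.RawURLEncoding.DecodeString(j.X)
	yb, errY := base64.RawURLEncoding.DecodeString(j.Y)
	if j.Kty != "EC" || j.Crv != "P-256" || errX != nil || errY != nil || len(xb) != 32 || len(yb) != 32 {
		return nil, fmt.Errorf("not a well-formed P-256 JWK")
	}
	x, y := new(big.Int).SetBytes(xb), new(big.Int).SetBytes(yb)
	if !elliptic.P256().IsOnCurve(x, y) {
		return nil, fmt.Errorf("point is not on P-256")
	}
	return &ecdsa.PublicKey{Curve: elliptic.P256(), X: x, Y: y}, nil
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed sample key
	jwk, _ := NewP256JWK(&key.PublicKey)
	body, _ := json.MarshalIndent(jwk, "", "  ")
	fmt.Println(string(body))
}
```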
This issue has been marked stale because there has been no activity within the last 14 days. To keep this issue active, remove the stale label, or it will be closed in 5 days.
Hi @bretterer, do you have any update on this item?
@pawelaugustyn I do not have an update at the moment for this update.
This issue has been marked stale because there has been no activity within the last 14 days. To keep this issue active, remove the stale label.