jwt icon indicating copy to clipboard operation
jwt copied to clipboard

Published 20 hours ago verified publisher icon golang-jwt

Example requested: RS256 and .well-known/openid-configuration/jwk

Open scohen-examity opened this issue 2 years ago • 2 comments

Just need to authenticate a JWT token, I have the URL to the .well-known... set, not sure how to use the library to get the public key and provide to the decode function

scohen-examity avatar Jun 21 '22 14:06 scohen-examity

I presume you're implementing an OIDC flow, in which case you might want to take a look at https://github.com/coreos/go-oidc

It handles fetching the public key(s) from the discovery endpoint and leverages https://github.com/square/go-jose

mfridman avatar Jun 23 '22 01:06 mfridman

I believe that URL pattern typically leads to a "JWK Set". In the README.md of this repository, you'll see that github.com/MicahParks/keyfunc is mentioned as an extension for JWKS (JWK Set).

Here's an example from keyfunc: https://github.com/MicahParks/keyfunc/blob/master/examples/recommended_options/main.go

Please note that the OpenID Connect (OIDC) and OAuth 2.0 protocols are complex and in most cases you should use high level libraries to ensure your code is fully compliant.

MicahParks avatar Jul 31 '22 20:07 MicahParks