jwt-framework icon indicating copy to clipboard operation
jwt-framework copied to clipboard
verified publisher icon web-token

Create a JWKSet with existing JWK with the symfony bundle

Open tomme87 opened this issue 3 years ago • 5 comments

Description Looks like there is no way to create a JWKSet with existing JWK defined with the Symfony bundle.

I would like to be able to create a key_set from other keys I have defined in the config.

Example

jose:
  keys:
    key1:
      file:
        path: '/path/to/key1'
    key2:
      file:
        path: '/path/to/key2'

  key_sets:
    keyset_name:
      jwks: # This is the method I want to add
        - key1
        - key2

tomme87 avatar Aug 12 '22 11:08 tomme87

Hi @tomme87,

This behaviour does not exist, but the opposite one does: https://web-token.spomky-labs.com/the-symfony-bundle/key-and-key-set-management/key-management-jwk#from-a-key-in-a-key-set

I understand that the JWKs are generated from existing keys. As this is not really efficient (requires key conversion during runtime), I suggest to create the JWKSet from those keys. This way you avoid conversion and can have single keys as you expect.

Spomky avatar Aug 12 '22 15:08 Spomky

Thanks for the quick reply.

Good suggestion. I will create the JWKSet instead, and go from there.

tomme87 avatar Aug 12 '22 16:08 tomme87

Hi,

I was searching for the same thing, as is want to share the public key on a `/key/set' URL; so I have my public_key in a file (for use in a combinaison of symfony/oauth2-server/openid-connect-server).

I don't see how I could declare a JWKSet with no keys, except by giving it one in json format ?

thejoelinux avatar Aug 26 '22 14:08 thejoelinux

Hi @thejoelinux,

What about JWK as a service? With this feature, you will be able to inject your key in a controller and return a JsonResponse

Spomky avatar Aug 26 '22 20:08 Spomky

That's what i finally did (public be the name of the key in the yaml configuration):

<?php

namespace App\Controller;

use Jose\Component\Core\JWK;
use Jose\Component\Core\JWKSet;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Routing\Annotation\Route;

class KeyController extends AbstractController
{
    #[Route('/openid/key/set')]
    public function decode(JWK $publicKey): JsonResponse
    {
        $keySet = new JWKSet([$publicKey]);
        return new JsonResponse($keySet->jsonSerialize());
    }
}

But it would have been practical to directly use the controller from the module.

thejoelinux avatar Aug 27 '22 09:08 thejoelinux

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Sep 28 '22 00:09 stale[bot]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

github-actions[bot] avatar Feb 25 '24 04:02 github-actions[bot]