advanced example with json encoding array and decoding
i will try to use the branch 4.0.x to create more clear tests
Hi, I wan't to use asymetric signing and created a new RSA key pair for that, but I'm getting the following error:
Lcobucci\JWT\Signer\InvalidKeyProvided: It was not possible to parse your key, reason: error:0909006C:PEM routines:get_name:no start line in lcobucci/jwt/src/Signer/InvalidKeyProvided.php on line 13
Here's my configuration:
$config = Configuration::forAsymmetricSigner( new \Lcobucci\JWT\Signer\Rsa\Sha512(), LocalFileReference::file('/path/to/key.id_rsa'), LocalFileReference::file('/path/to/key.id_rsa.pem'), );
I've created the SSH key and PEM file with the following commands:
ssh-keygen -t RSA -b 4096 # no passphrase ssh-keygen -f key.id_rsa -e -m pem > key.id_rsa.pem
Sorry if that's a dumb question, but I'm not that familiar with cryptography :see_no_evil:
Thanks in advance!
openssl rsa -in private.pem -pubout -outform PEM -out public.pem
Hey all. I'm trying to use the lcobucci/jwt library to verify a JWT given by Amazon Cognito.
I believe this is the type of token that is supposed to be verified only using the public key without access to the private key, but I'm not totally sure of that. I'm not trying to create a JWT, only to verify one.
Regardless, Cognito has something they call a "public JSON Web Key". Does lcobucci/jwt work with JWKs? I don't see any reference to them in the documentation.
The examples here fetch the configuration object from a hypothetical dependency injection container. You can create it in the same script or require it from a different file. It basically depends on how your system is bootstrapped.