Skip to content

This issue was moved to a discussion.

You can continue the conversation there. Go to discussion →

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to Sign a jwt token with just a string and not publicKey and privateKey #1103

Closed
trenchesdeveloper opened this issue Mar 11, 2024 · 2 comments
Closed

How to Sign a jwt token with just a string and not publicKey and privateKey #1103

trenchesdeveloper opened this issue Mar 11, 2024 · 2 comments
Assignees
@lestrrat

Comments

@trenchesdeveloper
Copy link

After calling the build, why is it failing with error *error signing token: failed to serialize token at step #2: failed to generate signature for signer #0 (alg=RS256): failed to sign payload: failed to retrieve rsa.PrivateKey out of string: keyconv: expected rsa.PrivateKey or rsa.PrivateKey, got string

`
b := setDefaultBuilder(user, twitter.AccessTokenLifetime, s.Conf)

t, err := b.Build()

if err != nil {
	return "", fmt.Errorf("error building token: %v", err)
}

token, err := jwt.Sign(t, jwt.WithKey(signatureType, s.Conf.Jwt.Secret))

`
@lestrrat
Copy link
Collaborator

How to Sign a jwt token with just a string and not publicKey and privateKey

You can't (at least not for a RSA family algorithms). I think the documentation is pretty explicit saying that the key needs to be one of (1) a raw key (*rsa.PrivateKey, et al), (2) a crypto.Signer, or (3) a jwk.Key

https://pkg.go.dev/github.com/lestrrat-go/jwx/[email protected]/jws#WithKey

token, err := jwt.Sign(t, jwt.WithKey(signatureType, s.Conf.Jwt.Secret))

I can only guess what's store in the s.Conf.Jwt.Secret variable, but I have a feeling you are copying from an example that uses a symmetric algorithm, such as HS256. In that case, the raw key could be a []byte, which is the "raw" version of a jwk.SymmetricKey

@trenchesdeveloper
Copy link
Author

How to Sign a jwt token with just a string and not publicKey and privateKey

You can't (at least not for a RSA family algorithms). I think the documentation is pretty explicit saying that the key needs to be one of (1) a raw key (*rsa.PrivateKey, et al), (2) a crypto.Signer, or (3) a jwk.Key

https://pkg.go.dev/github.com/lestrrat-go/jwx/[email protected]/jws#WithKey

token, err := jwt.Sign(t, jwt.WithKey(signatureType, s.Conf.Jwt.Secret))

I can only guess what's store in the s.Conf.Jwt.Secret variable, but I have a feeling you are copying from an example that uses a symmetric algorithm, such as HS256. In that case, the raw key could be a []byte, which is the "raw" version of a jwk.SymmetricKey

Thank you. I made a mistake using a wrong algo.

@lestrrat-go lestrrat-go locked and limited conversation to collaborators Mar 11, 2024
@lestrrat lestrrat converted this issue into discussion #1104 Mar 11, 2024

This issue was moved to a discussion.

You can continue the conversation there. Go to discussion →

Assignees

@lestrrat lestrrat

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lestrrat @trenchesdeveloper