如何使用jose.4.j输出JWK set endpoint?
How to use jose.4.j to output JWK set endpoint?
我可以看到如何使用 jose.4.j but what I'm wondering is how to take an array of them and output a publicly accessible JSON list for use as part of the discovery endpoint in OiDC. Something like the IETF draft example 创建新的 Key ...
{"keys":
[
{"kty":"EC",
"crv":"P-256",
"x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
"y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
"use":"enc",
"kid":"1"},
{"kty":"RSA",
"n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx
4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs
tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2
QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI
SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb
w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
"e":"AQAB",
"alg":"RS256",
"kid":"2011-04-29"}
]
}
我想我缺少一些明显的东西,比如没有显示私钥的 toString()?
JsonWebKeySet 上有一个 String toJson(JsonWebKey.OutputControlLevel outputControlLevel) 方法,当使用 JsonWebKey.OutputControlLevel.PUBLIC_ONLY 调用时,它只包含 public 部分。那应该给你你正在寻找的东西。 JsonWebKeySet 可以用 JsonWebKeys 列表实例化。
类似这样的东西,例如,
RsaJsonWebKey rsaJwk1 = RsaJwkGenerator.generateJwk(2048);
RsaJsonWebKey rsaJwk2 = RsaJwkGenerator.generateJwk(2048);
EllipticCurveJsonWebKey ecJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
JsonWebKeySet jwks = new JsonWebKeySet(rsaJwk1, rsaJwk2, ecJwk);
String jwksJson = jwks.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY);
System.out.println(jwksJson);
会给予,
{"keys":[{"kty":"RSA","n":"4cejS2CzkJuoLe9ry1JDdS_-RkpR2UMLialeH9WleuQFbFT3caK-GtNwObcd9_xEZ2H7um2GgZuscCMepo7d0FmwQUnfnTy9-_ckdgvVCH6lF62H3Jd4FBWAlcp_100kEJUe9YwfytdJ0zpOLo5Q38kH31cyMZmZRfexf33CzMNhlgE3mydpM9NAOAnR8IXW43tl1lPEy_dvLE9kM4idIjhd5Xd0a_YmRr05PK4UgFot0cuzZgu0HHe1qM7aFevwSOQ_Y86g4ofjZWHQWGJRN6WCBlGLscUwB52-hlJC0GrVEI0Cb55bfAfu01P1eFTjwyjfwggyLFZLdiAkZl2Jkw","e":"AQAB"},{"kty":"RSA","n":"jyOndkwyHBaHMn1xTIPfKV8PulJi6lcqqnw3sOabE-hClQr6De_OEcMnfCHPuogz1oep0A7-SvjY6Lclp0Pa5JDnHy6fI8UkSmASS6cwEUVWg18taFazRu2GtKDmMzT0Sh7ZCRGLWU74p5hRHGCerVnLcJUqSzT7kuGViZWVaIt00SfI6OImDpJTnaoxSwasdrhIZ_j5ARM93B2RKFsEb1kZ_gPnlP_0Qzs62LLG-78QQzlfMTd6v29vNr1FPPeZe744ni5Rpp19vEfEShGSV6Vz8K_Z2JlYC8PA_cRx47FLvmj9fB1u_wWYNP5ryGjv2E5Vjy9tqnIOmmtByoTdFw","e":"AQAB"},{"kty":"EC","x":"EEzQrpMmJ4XQgJFNGFNVI2WLmoaIpMYBTNF1_D5lp2U","y":"rENpzGhayZRoVR-7cFWJKElDQdJkJrKrDJ0-FqNpstA","crv":"P-256"}]}
我可以看到如何使用 jose.4.j but what I'm wondering is how to take an array of them and output a publicly accessible JSON list for use as part of the discovery endpoint in OiDC. Something like the IETF draft example 创建新的 Key ...
{"keys":
[
{"kty":"EC",
"crv":"P-256",
"x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
"y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
"use":"enc",
"kid":"1"},
{"kty":"RSA",
"n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx
4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs
tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2
QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI
SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb
w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
"e":"AQAB",
"alg":"RS256",
"kid":"2011-04-29"}
]
}
我想我缺少一些明显的东西,比如没有显示私钥的 toString()?
JsonWebKeySet 上有一个 String toJson(JsonWebKey.OutputControlLevel outputControlLevel) 方法,当使用 JsonWebKey.OutputControlLevel.PUBLIC_ONLY 调用时,它只包含 public 部分。那应该给你你正在寻找的东西。 JsonWebKeySet 可以用 JsonWebKeys 列表实例化。
类似这样的东西,例如,
RsaJsonWebKey rsaJwk1 = RsaJwkGenerator.generateJwk(2048);
RsaJsonWebKey rsaJwk2 = RsaJwkGenerator.generateJwk(2048);
EllipticCurveJsonWebKey ecJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
JsonWebKeySet jwks = new JsonWebKeySet(rsaJwk1, rsaJwk2, ecJwk);
String jwksJson = jwks.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY);
System.out.println(jwksJson);
会给予,
{"keys":[{"kty":"RSA","n":"4cejS2CzkJuoLe9ry1JDdS_-RkpR2UMLialeH9WleuQFbFT3caK-GtNwObcd9_xEZ2H7um2GgZuscCMepo7d0FmwQUnfnTy9-_ckdgvVCH6lF62H3Jd4FBWAlcp_100kEJUe9YwfytdJ0zpOLo5Q38kH31cyMZmZRfexf33CzMNhlgE3mydpM9NAOAnR8IXW43tl1lPEy_dvLE9kM4idIjhd5Xd0a_YmRr05PK4UgFot0cuzZgu0HHe1qM7aFevwSOQ_Y86g4ofjZWHQWGJRN6WCBlGLscUwB52-hlJC0GrVEI0Cb55bfAfu01P1eFTjwyjfwggyLFZLdiAkZl2Jkw","e":"AQAB"},{"kty":"RSA","n":"jyOndkwyHBaHMn1xTIPfKV8PulJi6lcqqnw3sOabE-hClQr6De_OEcMnfCHPuogz1oep0A7-SvjY6Lclp0Pa5JDnHy6fI8UkSmASS6cwEUVWg18taFazRu2GtKDmMzT0Sh7ZCRGLWU74p5hRHGCerVnLcJUqSzT7kuGViZWVaIt00SfI6OImDpJTnaoxSwasdrhIZ_j5ARM93B2RKFsEb1kZ_gPnlP_0Qzs62LLG-78QQzlfMTd6v29vNr1FPPeZe744ni5Rpp19vEfEShGSV6Vz8K_Z2JlYC8PA_cRx47FLvmj9fB1u_wWYNP5ryGjv2E5Vjy9tqnIOmmtByoTdFw","e":"AQAB"},{"kty":"EC","x":"EEzQrpMmJ4XQgJFNGFNVI2WLmoaIpMYBTNF1_D5lp2U","y":"rENpzGhayZRoVR-7cFWJKElDQdJkJrKrDJ0-FqNpstA","crv":"P-256"}]}