From c5d6625a5076ea9315346fff0e02e8d9fd5f3168 Mon Sep 17 00:00:00 2001
From: Hiroaki Nakamura <hnakamur@gmail.com>
Date: Mon, 21 Nov 2016 18:56:50 +0900
Subject: [PATCH] Support RS256 algorithm in jwt command

---
 cmd/jwt/README.md |  4 ++--
 cmd/jwt/app.go    | 15 +++++++++++++++
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/cmd/jwt/README.md b/cmd/jwt/README.md
index 4a68ba4..c05150e 100644
--- a/cmd/jwt/README.md
+++ b/cmd/jwt/README.md
@@ -6,8 +6,8 @@ the command line.
 
 The following will create and sign a token, then verify it and output the original claims:
 
-     echo {\"foo\":\"bar\"} | bin/jwt -key test/sample_key -alg RS256 -sign - | bin/jwt -key test/sample_key.pub -verify -
+     echo {\"foo\":\"bar\"} | ./jwt -key ../../test/sample_key -alg RS256 -sign - | ./jwt -key ../../test/sample_key.pub -alg RS256 -verify -
 
 To simply display a token, use:
 
-    echo $JWT | jwt -show -
+    echo $JWT | ./jwt -show -
diff --git a/cmd/jwt/app.go b/cmd/jwt/app.go
index c037114..b38e642 100644
--- a/cmd/jwt/app.go
+++ b/cmd/jwt/app.go
@@ -126,6 +126,8 @@ func verifyToken() error {
 		}
 		if isEs() {
 			return jwt.ParseECPublicKeyFromPEM(data)
+		} else if isRs() {
+			return jwt.ParseRSAPublicKeyFromPEM(data)
 		}
 		return data, nil
 	})
@@ -196,6 +198,15 @@ func signToken() error {
 				return err
 			}
 		}
+	} else if isRs() {
+		if k, ok := key.([]byte); !ok {
+			return fmt.Errorf("Couldn't convert key data to key")
+		} else {
+			key, err = jwt.ParseRSAPrivateKeyFromPEM(k)
+			if err != nil {
+				return err
+			}
+		}
 	}
 
 	if out, err := token.SignedString(key); err == nil {
@@ -243,3 +254,7 @@ func showToken() error {
 func isEs() bool {
 	return strings.HasPrefix(*flagAlg, "ES")
 }
+
+func isRs() bool {
+	return strings.HasPrefix(*flagAlg, "RS")
+}