Support RS256 algorithm in jwt command

2016-11-21 18:56:50 +09:00 · 2016-11-21 18:56:50 +09:00 · c5d6625a50
parent 9ed569b5d1
commit c5d6625a50
2 changed files with 17 additions and 2 deletions
--- a/cmd/jwt/README.md
+++ b/cmd/jwt/README.md
@ -6,8 +6,8 @@ the command line.

 The following will create and sign a token, then verify it and output the original claims:

-     echo {\"foo\":\"bar\"} | bin/jwt -key test/sample_key -alg RS256 -sign - | bin/jwt -key test/sample_key.pub -verify -
+     echo {\"foo\":\"bar\"} | ./jwt -key ../../test/sample_key -alg RS256 -sign - | ./jwt -key ../../test/sample_key.pub -alg RS256 -verify -

 To simply display a token, use:

-    echo $JWT | jwt -show -
+    echo $JWT | ./jwt -show -
--- a/cmd/jwt/app.go
+++ b/cmd/jwt/app.go
@ -126,6 +126,8 @@ func verifyToken() error {
 		}
 		if isEs() {
 			return jwt.ParseECPublicKeyFromPEM(data)
+		} else if isRs() {
+			return jwt.ParseRSAPublicKeyFromPEM(data)
 		}
 		return data, nil
 	})
@ -196,6 +198,15 @@ func signToken() error {
 				return err
 			}
 		}
+	} else if isRs() {
+		if k, ok := key.([]byte); !ok {
+			return fmt.Errorf("Couldn't convert key data to key")
+		} else {
+			key, err = jwt.ParseRSAPrivateKeyFromPEM(k)
+			if err != nil {
+				return err
+			}
+		}
 	}

 	if out, err := token.SignedString(key); err == nil {
@ -243,3 +254,7 @@ func showToken() error {
 func isEs() bool {
 	return strings.HasPrefix(*flagAlg, "ES")
 }
+
+func isRs() bool {
+	return strings.HasPrefix(*flagAlg, "RS")
+}