Spaces:
Runtime error
Runtime error
| import * as jose from 'jose'; | |
| import { JwksError } from './errors'; | |
| function resolveAlg(jwk: { alg?: string; kty: string; crv?: string }) { | |
| if (jwk.alg) { | |
| return jwk.alg; | |
| } | |
| if (jwk.kty === 'RSA') { | |
| return 'RS256'; | |
| } | |
| if (jwk.kty === 'EC') { | |
| switch (jwk.crv) { | |
| case 'P-256': | |
| return 'ES256'; | |
| case 'secp256k1': | |
| return 'ES256K'; | |
| case 'P-384': | |
| return 'ES384'; | |
| case 'P-521': | |
| return 'ES512'; | |
| } | |
| } | |
| if (jwk.kty === 'OKP') { | |
| switch (jwk.crv) { | |
| case 'Ed25519': | |
| case 'Ed448': | |
| return 'EdDSA'; | |
| } | |
| } | |
| throw new JwksError('Unsupported JWK'); | |
| } | |
| export async function retrieveSigningKeys(jwks: any[]) { | |
| const results = []; | |
| jwks = jwks.filter(({ use }) => use === 'sig' || use === undefined).filter(({ kty }) => kty === 'RSA' || kty === 'EC' || kty === 'OKP'); | |
| for (const jwk of jwks) { | |
| try { | |
| const key = await jose.importJWK({ ...jwk, ext: true }, resolveAlg(jwk)); | |
| if ((key as jose.KeyLike).type !== 'public') { | |
| continue; | |
| } | |
| results.push({ | |
| get publicKey() { | |
| return key; | |
| }, | |
| get rsaPublicKey() { | |
| return key; | |
| }, | |
| getPublicKey() { | |
| return key; | |
| }, | |
| ...(typeof jwk.kid === 'string' && jwk.kid ? { kid: jwk.kid } : undefined), | |
| ...(typeof jwk.alg === 'string' && jwk.alg ? { alg: jwk.alg } : undefined), | |
| }); | |
| } catch (err: any) { | |
| console.error('Error importing JWK:', err); | |
| continue; | |
| } | |
| } | |
| return results; | |
| } | |