Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: jose asymmetric, closes #21 #22

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: jose asymmetric, closes #21 #22

wants to merge 3 commits into from

Conversation

LIMPIX31
Copy link

@LIMPIX31 LIMPIX31 commented Feb 3, 2024
edited
Loading

Details

Asymmetric algorithms are not currently supported. At least I have not been able to get EdDSA to work as I described in #21.

Feature

  • Added support for asymmetric algorithms
  • Jose updated to version 5

How it works now

For asymmetric algorithms, use the privateKey and publicKey properties

const crv = 'Ed25519'
const d = 'N3cOzsFZwiIbtNiBYQP9bcbcTIdkITC8a4iRslrbW7Q'
const x = 'RjnTe-mqZcVls6SQ5CgW0X__jRaa-Quj5HBDREzVLhc'
const kty = 'OKP'

export const jwt = jwtPlugin({
  name: 'jwt',
  alg: 'EdDSA',
  exp: '30m',
  schema: user,
  privateKey: await importJWK({ crv, d, x, kty }, 'EdDSA'),
  publicKey: await importJWK({ crv, x, kty }, 'EdDSA')
})

As long as the PR is open

You can use this feature now

{
  "dependencies": {
    "@elysiajs/jwt": "github.com:LIMPIX31/elysia-jwt#8805cdfc6242f0bdb1079b26a46014f37fc08f7f"
  }
}

@SaltyAom

@justin13888
Copy link

justin13888 commented Mar 26, 2024
edited
Loading

Was puzzled for a bit why EdDSA didn't work myself as well.

Will this be merged?

@LIMPIX31
Copy link
Author

@SaltyAom Any review on this? 🙃

@justin13888
Copy link

justin13888 commented Mar 27, 2024
edited
Loading

@SaltyAom Any review on this? 🙃

I tried using the PR version in some test code (github.com:LIMPIX31/elysia-jwt#8805cdfc6242f0bdb1079b26a46014f37fc08f7f). It's great to be able to use asymmetric encryption for JWT.

EdDSA works but perhaps add some basic unit tests for all the other options to spot check.

Also, I noticed TypeScript type inferencing is broken unlike the latest release version. My test code looked something like this:

new Elysia().use(jwt({
  name: 'jwt',
  alg: 'EdDSA',
  exp: '30m',
  schema: user,
  privateKey: await importJWK({ crv, d, x, kty }, 'EdDSA'),
  publicKey: await importJWK({ crv, x, kty }, 'EdDSA')
}))
.get("/", ({ jwt}) => {...})

jwt would have type any when it should have a type.

@LIMPIX31 LIMPIX31 force-pushed the feat/jose-asymmetric branch from f1ea0df to 28be467 Compare March 27, 2024 07:00
@LIMPIX31
Copy link
Author

@SaltyAom Any review on this? 🙃

I tried using the PR version in some test code (github.com:LIMPIX31/elysia-jwt#8805cdfc6242f0bdb1079b26a46014f37fc08f7f). It's great to be able to use asymmetric encryption for JWT.

EdDSA works but perhaps add some basic unit tests for all the other options to spot check.

Also, I noticed TypeScript type inferencing is broken unlike the latest release version. My test code looked something like this:

new Elysia().use(jwt({
  name: 'jwt',
  alg: 'EdDSA',
  exp: '30m',
  schema: user,
  privateKey: await importJWK({ crv, d, x, kty }, 'EdDSA'),
  publicKey: await importJWK({ crv, x, kty }, 'EdDSA')
}))
.get("/", ({ jwt}) => {...})

jwt would have type any when it should have a type.

I don't have problems with types. What version of TS are you using? Try using 5.3.3.

P.S. I discarded the build commits in the main branch of my fork to be able to sync it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@LIMPIX31 @justin13888