Comments (1)
jwwb681232
commented on August 23, 2024
@aqshah20
我的方法是在app.js文件里写一个gen-jwks的GET方法路由,然后在terminal中得到类似以下字符串
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIFttQW8HLog4gPR90X6zUxvpqzIc+ATJNZbsfxFCJZ68oAoGCCqGSM49
AwEHoUQDQgAEAFXSiTqDjEHwwdgQRksLo3s+Mzwo/dr6OwAwtfCjFWbc2CaG0Kjw
Fp7N3wmP4b+kyuC5c/I4S25umND91FLRKg==
-----END EC PRIVATE KEY-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEINFBzXnzZj3moZ3JEgequtezB0Z1czKNHKfAjpXYi30GoAoGCCqGSM49
AwEHoUQDQgAEuSX/hH3tIIa2Hm29C28s4+pzCeQHS1PrKcJ0l1qHX/fc2sfqFZW8
sgquaRjctanK7hFxUUHBVAKe7OJ4TNlhHw==
-----END EC PRIVATE KEY-----
{"keys":[{"kty":"EC","kid":"inCo96FXYYPKC0e3eOWqunNAbkPhuQ6Oc1dJjlIUWXk","crv":"P-256","x":"AFXSiTqDjEHwwdgQRksLo3s-Mzwo_dr6OwAwtfCjFWY","y":"3NgmhtCo8Baezd8Jj-G_pMrguXPyOEtubpjQ_dRS0So","use":"sig","alg":"ES256"},{"kty":"EC","kid":"6qYAQ96uSN2eyx5P086PyFVxTV3lN
EzTRwKCODraMQw","crv":"P-256","x":"uSX_hH3tIIa2Hm29C28s4-pzCeQHS1PrKcJ0l1qHX_c","y":"3NrH6hWVvLIKrmkY3LWpyu4RcVFBwVQCnuzieEzZYR8","use":"enc","alg":"ECDH-ES+A256KW"}]}
以上字符串第一个区块为签名秘钥,第二个区块为加密秘钥。你需要将这两个区块分别存储为相应的pem文件。第三个区块为JWKS。你需要将第三个区块的内容放在公开可访问的URL地址里(Singpass后台的JWKS Endpoint)。
生成以上字符串的代码如下:
只需在terminal里运行npm start,然后浏览器访问http://localhost:3001/gen-jwks就可得到
app.get("/gen-jwks", function (req, res) {
async function generateKey(){
let key = crypto.generateKeyPairSync('ec', {
namedCurve: 'prime256v1',
publicKeyEncoding: {
type: 'spki',
format: 'pem',
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
},
});
let cryptoKey = await jose.JWK.asKey(key.privateKey, 'pem');
console.log(cryptoKey.toPEM(true)); //!important
return cryptoKey;
}
async function generateJwks() {
//Creating Signing Key
let signingKey = await generateKey();
let publicSigningKeyJSON = signingKey.toJSON();
//Creating Encryption Key
let encryptionKey = await generateKey();
let publicEncryptionKeyJSON = encryptionKey.toJSON();
let jwks = {
keys: [{...publicSigningKeyJSON,
...{use: 'sig'},
...{crv: 'P-256'},
...{alg: 'ES256'},
},
{...publicEncryptionKeyJSON,
...{use: 'enc'},
...{crv: 'P-256'},
...{alg: 'ECDH-ES+A256KW'},
}]};
console.log(JSON.stringify(jwks));
}
generateJwks();
});注意
config/config.js 文件里的AUTHORIZE_JWKS_URL、MYINFO_JWKS_URL请保持demo里的值不变
from myinfo-demo-app-v4.
Related Issues (5)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from myinfo-demo-app-v4.