I am using Scala to generate JWT using RS256
algorithm and private keys:
val jwtPayload = s"""{
| "exp": $time,
| "iss": "$orgId",
| "sub": "$technicalAccountId",
| "aud": "${imsExp}/c/${clientId}",
| "${imsExp}/s/${metaScope}": true
|}""".stripMargin
println(jwtPayload)
val token = Jwts.builder()
.setPayload(jwtPayload)
.signWith(SignatureAlgorithm.RS256,privateKey.getBytes("UTF-8"))
But this fails with the error:
Key bytes may only be specified for HMAC signatures. If using RSA or Elliptic Curve, use the signWith(SignatureAlgorithm, Key) method instead.
at io.jsonwebtoken.lang.Assert.isTrue(Assert.java:38)
But the same code works well in javascript:
const jwtPayload = {
exp: Math.round(300 + Date.now() / 1000),
iss: secrets.org,
sub: secrets.id,
aud: `${secrets.imsEndpoint}/c/${secrets.technicalAccount.clientId}`,
[`${secrets.imsEndpoint}/s/${secrets.metascopes}`]: true
};
let token;
try {
token = jwt.sign(
jwtPayload,
{ key: secrets.privateKey},
{ algorithm: 'RS256' }
);
console.log(token);
} catch (tokenError) {
return Promise.reject(tokenError);
}
I am unable to identify two things:
- How to pass passphrase?
- How to get rid of below error:
Key bytes may only be specified for HMAC signatures. If using RSA or Elliptic Curve, use the signWith(SignatureAlgorithm, Key) method instead.
at io.jsonwebtoken.lang.Assert.isTrue(Assert.java:38)
When I remove .getBytes
method, I recieve a new error:
Exception in thread "main" java.lang.IllegalArgumentException: Base64-encoded key bytes may only be specified for HMAC signatures. If using RSA or Elliptic Curve, use the signWith(SignatureAlgorithm, Key) method instead.