Stack Overflow
Stack Overflow

Questions tagged [jose]

JOSE (Javascript Object Signing and Encryption) is a framework intended to provide a method to securely transfer claims (such as authorization information) between parties

JOSE (Javascript Object Signing and Encryption) is a framework intended to provide a method to securely transfer claims (such as authorization information) between parties

The JOSE framework provides a collection of specifications to serve this purpose. A JSON Web Token (JWT) contains claims that can be used to allow a system to apply access control to resources it owns.

One potential use case of the JWT is as the means of authentication and authorization for a system that exposes resources through an OAuth 2.0 model.

Official Website

131 questions
3
votes
1 answer

write a package with the option to import subpaths typescript

I wrote a package let's call it commons and another project that imports it. I do not want to import the whole package but only one subpath of this package. import { client } from '@commons/clients' instead of import { client } from '@commons' I…
Hein Re
  • 73
  • 4
3
votes
1 answer

Any util in jose to convert key from PEM to JWK for Ed25519?

An Ed25519 PEM key pair was generated as below: -----BEGIN PRIVATE KEY----- NC4CAQAwBQYcK2VwBCIEIIWUb0/MoKaBxQkmmPlHIGyPfDQb/U3D6jQ+gMUGtvpa -----END PRIVATE KEY----- -----BEGIN PUBLIC…
user938363
  • 9,990
  • 38
  • 137
  • 303
3
votes
1 answer

How to encrypt dictionary data?

I am using jwcrypto to encrypt data using public key. I have gone through the documentation and the JWE class only takes plaintext as payload. But I have a dictionary to encrypt as a payload. I can convert the dictionary to json and encrypt the…
varad
  • 7,309
  • 20
  • 60
  • 112
3
votes
0 answers

Java (Android): Diffie-Hellman key exchange process according to JWA (RFC 7518)

I need to use ECDH key exchange process in order to encrypt/decrypt messages between the client and the server. I use jose4j library for cryptographic functionality. I have the local key pair (private dC and public QC), I have the remote public key…
Michael Kessler
  • 14,245
  • 13
  • 50
  • 64
3
votes
0 answers

How to configure JWE keys in spring security 5.x.x application for an OpenId Connect client?

Is it possible to configure or autowire a JWE key selector for a spring boot 2.0 application with spring security 5.x.x to be able to decrypt the id_oken received from an OpenId connect provider? The JWS Keys can be defined by the spring security…
Sebastian
  • 183
  • 1
  • 12
3
votes
1 answer

Why does the client need to decrypt JWE?

If I'm using JWE to send an encrypted JSON message, which will be stored on the client-side, for use with authorization, why would the client need to decrypt this message? Client attaches the JWE token to all requests. Server identifies client using…
twils0
  • 2,431
  • 2
  • 12
  • 24
2
votes
2 answers

ECDSA signature generated with mbedtls not verifiable in JOSE (while code worked with RSA key)

I have a small application running on an ESP32 dev board (I use the Arduino IDE together with the shipped mbedtls) that issues and verifies JWT tokens. I have at first used RSA signatures successfully, but now wanted to go for shorter signatures and…
mkuhlmann
  • 23
  • 5
2
votes
1 answer

How to generate JWK from a X.509 PEM certificate in jose4j?

I am trying to produce JWK from an X.509 PEM certificate in jose4j, but I am not getting any clue to do the same. I have already achieved this using nimbus jose+jwt library , can someone please help me with equivalent code for jose4j? Code piece for…
Prakhar
  • 41
  • 6
2
votes
5 answers

Error: Cannot find module 'jose' in node js

I installed the module. Only this module is not working other modules are working fine. When I trying to run it it's throwing following error Error: Cannot find module 'jose' at Function.Module._resolveFilename…
Sarath Kumar
  • 1,136
  • 1
  • 18
  • 41
2
votes
0 answers

How to implement JWS (RFC 7797) signature validation in Ruby?

For a contactless payment implementation in a Ruby on Rails project, I need to verify the signature of a postback. The signature is a JSON Web Signature (JWS) with a detached payload, following the RFC 7797 standard. I've looked the ruby-jose gem as…
wout
  • 2,477
  • 2
  • 21
  • 32
2
votes
1 answer

Decrypting JWE token in golang

I have this problem, I created a JWE in node.js using node-jose by this way: const keystore = [ { kty: 'oct', kid: 'QLdRkgyMx_po0fPo5XnOzQQB4iTcyay36m_PA62SBiw', k:…
Jorge Chiquín Valderrama
  • 23
  • 1
  • 5
2
votes
1 answer

How do I validate a Microsoft jwt id_token?

I am working with jwt tokens coming from Microsoft to a client to authenticate requests from it to an web API (server). I have control over the code of both the client (js) and the server (Python). At the client, I am using the following request to…
Jorge Leitao
  • 19,085
  • 19
  • 85
  • 121
2
votes
1 answer

jose encryption returns binary string but decrypting with decoded string gives error in python

I am using jose for python jwe encryption. Here is my code from the example import jose from time import time from Crypto.PublicKey import RSA key = RSA.generate(2048) claims = {'name': 'Jack'} pub_jwk = {'k':…
varad
  • 7,309
  • 20
  • 60
  • 112
2
votes
1 answer

Different JSON Web Encryption(JWE) tokens generated for same key by Java and .Net 4.6

I have a requirement to generate JWE token from both Java and .Net 4.6 c# application (the JWE tokens will be passed between Java and .Net apps). Java application is using Nimbus Jose library and .Net application is using jose-jwt package available…
Nilmi Nawalage
  • 191
  • 3
  • 18
2
votes
1 answer

How to generate JWT token with 5 headers in Apache CXF?

I am generating a JWT token using the code below JwsHeaders headers = new JwsHeaders(SignatureAlgorithm.HS256); JwtClaims claims = new JwtClaims(); claims.setSubject(login); claims.setIssuer(issuer); …
Alex Bondar
  • 1,167
  • 4
  • 18
  • 35
1
2
3
8 9