Stack Overflow
Stack Overflow

Questions tagged [jose]

JOSE (Javascript Object Signing and Encryption) is a framework intended to provide a method to securely transfer claims (such as authorization information) between parties

JOSE (Javascript Object Signing and Encryption) is a framework intended to provide a method to securely transfer claims (such as authorization information) between parties

The JOSE framework provides a collection of specifications to serve this purpose. A JSON Web Token (JWT) contains claims that can be used to allow a system to apply access control to resources it owns.

One potential use case of the JWT is as the means of authentication and authorization for a system that exposes resources through an OAuth 2.0 model.

Official Website

131 questions
1
vote
2 answers

Verifying GCP JWT signature manually in JS

I've been able to verify a GCP ID token on jwt.io's web UI okay, but am struggling to replicated it in code in JS. I've used both the jose and the jsrsasign libraries to little success. A bit of my own code to get the basics function…
David Min
  • 1,246
  • 8
  • 27
1
vote
1 answer

Verify webhook from signature using PHP with gree/jose library

I'm trying to follow the 3rd party documentation for verifying a webhook body using the Signature header -- the 3rd party will be referred to as 3P going forward). 3P offered a sample Kotlin implementation using a java library. I am using PHP and…
mickmackusa
  • 43,625
  • 12
  • 83
  • 136
1
vote
2 answers

No Java-Jose-package supports my ECDHES Curve-algorithm

I'm trying set up a JWE encrypted with a given JWK using the ECDH-ES Algorithm and the curve brainpoolP256r1. I would really like to use a Jose package, like Nimbus Jose or jose4j. Unfortunately both don't support the brainpool-curve. I've searched…
Apertif
  • 11
  • 2
1
vote
0 answers

Common secret using ConcatKDH in node-jose

I'm trying to generate a common secret key using ConcatKDF algorithm. In the following example alice is trying to generate a common secret using bobs public key using node-jose library: const index = require('node-jose/lib/algorithms/index'); …
Gleb
  • 11
  • 4
1
vote
2 answers

Nodejs construct the public key using public key string

I have a public key string as follows let pk_str = "public key strig here" and I am using the library jose to verify a JWS (async() => { const decoder = new TextDecoder(); const jws = vc_proof_value; …
not 0x12
  • 19,360
  • 22
  • 67
  • 133
1
vote
1 answer

creating JWK and JWS using jose, however getting error "unsupported algorithm"

I have to encrypt the payload using ES256 algorithm. Also have to use kid in JWK as described in below code. I am using the jose libraries for creating signature. Below is the code: var jose = require("node-jose"); async function a1(){ try { …
priyanka mane
  • 35
  • 1
  • 5
1
vote
1 answer

jws.sign is not working with algorithm RS256

I am trying to sign a JSON encoded object with jws.sign and hence tried this example given here: https://python-jose.readthedocs.io/en/latest/jws/index.html But problem is that jws.sign is working fine with algorithm HS256 given in the example above…
itzmeesuvm
  • 151
  • 1
  • 4
1
vote
1 answer

Empty payload when generating JWS

My goal is to create an unencrypted signed token. I'm generating my JWT like this : private const string C_ISSUER_SIGNINGKEY = "kXp2s5v8y/B?D(G+KbPeShVmYq3t6w9z"; private const JweAlgorithm JWE_ALGO = JweAlgorithm.DIR; private const JweEncryption…
WynDiesel
  • 1,104
  • 7
  • 38
1
vote
1 answer

JOSE Error [ERR_PACKAGE_PATH_NOT_EXPORTED]

I keep on getting this error since I installed this module yesterday with jose package from npm here Error [ERR_PACKAGE_PATH_NOT_EXPORTED]: No "exports" main defined in /home/dev/projects/api/node_modules/jose/package.json at throwExportsNotFound…
Geek Guy
  • 710
  • 1
  • 8
  • 28
1
vote
1 answer

I have Modulus and Exponent how to generate JWE for some payload using JavaScript

We have a requirement where we will get modulus from service call to be used for encrypting (JWE) some data at client side Example of modulus, and exponent (cannot be changed formats) { "modulus":…
Kiran
  • 1,145
  • 1
  • 8
  • 22
1
vote
0 answers

Jwt payload not encrypted

I seem to be missing something about Jwt. I followed this SO answer, which works. However, my data is still not encrypted. I generate a private key: `openssl genrsa -out privateKey.pem 512` Then I (attempt to) encrypt it into a Jwt token, with…
WynDiesel
  • 1,104
  • 7
  • 38
1
vote
2 answers

How to validate a JWT from AzureAD in python?

I have set up an authorization server using AzureAD. For testing it I am currently applying an implicit flow and to get a token and id_token I use https://oidcdebugger.com/. Now I am trying to figure out how to properly validate a the token on the…
mRcSchwering
  • 820
  • 8
  • 25
1
vote
1 answer

decoding jwt AuthError: ({'code': 'invalid_header', 'description': 'Unable to parse authentication token.'}, 400)

I'm trying to set up auth0 and I'm running into problems. I can get my token and when I go to jwt.io it decodes it correctly but I can't decode it with python. When I try I get this error AuthError: ({'code': 'invalid_header', 'description':…
Michael Wycklendt
  • 159
  • 2
  • 11
1
vote
1 answer

How to Encryption JWT Payload with Public Key RSA_OAEP_256

I'm using "BouncyCastle.NetCore" and "jose-jwt" libraries to sign and encrypt a web token. I'm able to sign with my private key by below code. but the requirements is to also perform OpenID JWT Encryption In order to encrypt the JWT payload, we need…
Tarek El-Mallah
  • 4,015
  • 1
  • 31
  • 46
1
vote
0 answers

JWE Encryption / Decryption using EC (ECDH_ES_A256KW, A256GCM) in .NET Core 3.1

I'm using the "jose-jwt" library in C#. I'm able to get JWE encryption / decryption working for both RSA (RSA_OAEP_256, A256GCM) and EC (ECDH_ES_A256KW, A256GCM) in .NET 4.8. See sample code below. However for .NET Core 3.1, only the RSA…
Carl Prothman
  • 1,461
  • 13
  • 23
1 2 3
8 9