funcool

A channel for discussing and asking questions about Funcool libraries https://github.com/funcool/
mitchelkuijpers 2018-09-14T06:47:54.000100Z

Hi I am trying to use buddy to validate tokens from Amazon cognito, but they use JWK, has anyone else attempted this before?

mitchelkuijpers 2018-09-14T06:49:33.000100Z

It basically means you have to get a public key from an endpoint and then use that to unsign the JWT token but I am not quite sure how, I found this to get the public key:

(:import java.math.BigInteger
           java.security.KeyFactory
           java.security.PublicKey
           java.security.spec.RSAPublicKeySpec
           org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey)

(defn jwk->public-key [jwk]
  (let [kty (get jwk :kty)
        n   (some-> (get jwk :n)
                    ^bytes (base64/decode)
                    (BigInteger.))
        e   (some-> (get jwk :e)
                    ^bytes (base64/decode)
                    (BigInteger.))]
    (and kty n e
         (->> (RSAPublicKeySpec. n e)
              (.generatePublic (KeyFactory/getInstance kty))))))

mitchelkuijpers 2018-09-14T06:54:55.000100Z

Oh it seems there is some support but I need to upgrade buddy.. Sorry for the noise