Skip to content

The JWK Store is a flexible solution that allows you to provide your services with custom JSON Web Keys (JWK). It enables clients to request a JWK from the server, which can be associated with a password. If no JWK is found for the given ID, a new one will be generated.

License

Notifications You must be signed in to change notification settings

TM9657/jwk-store

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

🔐 JWK Store

The JWK Store is a flexible solution that allows you to provide your services with custom JSON Web Keys (JWK). It enables clients to request a JWK from the server, which can be associated with a password. If no JWK is found for the given ID, a new one will be generated.

The private JWK resulting from this process is encrypted using the provided password and stored in KV alongside a bcrypt hashed password. On the other hand, clients can retrieve the public JWK associated with a specific ID without needing to provide any password.

Clients with the password and API-Key can send a request to the server with an attached password in order to retrieve the private JWK. The server will verify if the provided password matches against the stored bcrypt hash and use it to successfully decrypt and return the private JWK.

Endpoints:

  • GET / - public
  • GET /:id - public Fetches the public JWK.
  • POST /secure/:id - API Key required If the ID is not used, creates a new JWK. If the JWK is already used returns the exisiting private JWK.
  • DELETE /secure/:id - API Key required Removes the JWK.

Features

  • Flexible JWK Management
  • Easy JWK Distribution for Serverless or other horizontally scaled environments

Setup

Configure a KV to use with the app. Insert the ID in the wrangler.toml.

  • bun install ➡️ installs the dependencies
  • wrangler secret put API_KEY ➡️ set an API-Key. Remember this key as it has to be used to create new JWK or fetch the private keys of them.
  • wrangler secret put BUCKET_PUBLIC_ADDRESS ➡️ set an API-Key. Remember this key as it has to be used to create new JWK or fetch the private keys of them.
  • bun run deploy ➡️ deploys the solution to cloudflare
  • (optional) set a custom domain in your dashboard

Provided by TM9657 GmbH with ❤️

Check out some of our products:

  • Kwirk.io (Text Editor with AI integration, privacy focus and offline support)

About

The JWK Store is a flexible solution that allows you to provide your services with custom JSON Web Keys (JWK). It enables clients to request a JWK from the server, which can be associated with a password. If no JWK is found for the given ID, a new one will be generated.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published