Get OpenID keys from issuer.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
tests
.gitignore
LICENSE
README.markdown
openid-key-test.asd
openid-key.asd

README.markdown

Openid-Key

You can get public key of OpenID Connect id-token. Then, you can verify id-token with the key.

OpedID Key format has defined in JSON Web Key (JWK).

Usage

CL-USER> (setf *keys* (openid-key:get-openid-keys "https://accounts.google.com"))
#S(OPENID-KEY::OPENID-KEYS
   :ISSUER "https://accounts.google.com"
   :JWKS-EXPIRES @2018-11-03T20:03:46.000000+09:00
   :KEYS (#S(OPENID-KEY::OPENID-KEY
             :KTY "RSA"
             :USE "sig"
             :ALG "RS256"
             :KID "8289d54280b76712de41cd2ef95972b123be9ac0"
             :KEY #<IRONCLAD::RSA-PUBLIC-KEY {1001EE03A3}>)
          #S(OPENID-KEY::OPENID-KEY
             :KTY "RSA"
             :USE "sig"
             :ALG "RS256"
             :KID "aa436c3f63b281ce0d976da0b51a34860ff960eb"
             :KEY #<IRONCLAD::RSA-PUBLIC-KEY {1001F40433}>)))
CL-USER> (openid-key:find-openid-key "8289d54280b76712de41cd2ef95972b123be9ac0" *keys*)
#<IRONCLAD::RSA-PUBLIC-KEY {1001B512E3}>
"RS256"
"RSA"
"sig"

You may also be interested in Jose for verify id-token.

Installation