You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you're using RS256, for example, you might do the following:
public_jwk=JOSE.JWK.from_openssh_key_file("my-rsa-key.pub")caseJOSE.JWT.verify_strict(public_jwk,["RS256"],token)do{true,jwt,_jws}-># use the verified jwt claims however you would like...# NOTE: only the signature has been verified,# things like token expiration are not part of this library_-># invalid token, do something elseend
Please let me know whether that works for you or if you have any other questions.
read_key(RsaKey) -> case jose_jwk:from_pem_file(RsaKey) of {error, _} -> {undefined}; RsaPrivateKey -> jose_jwk:to_public(RsaPrivateKey) end.
Work for me, but when i check a expired token with: jose_jwt:verify_strict(RsaPublicKey, [<<"RS512">>], Token) return {true, _ , _ }.Second, when i change data in a claim, verify return {flase,,} ,although i didn't change key and use algorithm "RS512" .This is a bug or my fault?
Can i read public key from file and verify token?
The text was updated successfully, but these errors were encountered: