diff --git a/single-factor-auth-node/sfa-telegram-oauth-server/README.md b/single-factor-auth-node/sfa-telegram-oauth-server/README.md index b53addf7..540b0d61 100644 --- a/single-factor-auth-node/sfa-telegram-oauth-server/README.md +++ b/single-factor-auth-node/sfa-telegram-oauth-server/README.md @@ -8,7 +8,13 @@ npx degit Web3Auth/web3auth-core-kit-examples/single-factor-auth-node/sfa-telegr ### Setup -1. Create a `.env` file in the project root and set the following variables: +1. Generate jwks and add in dashboard + +- run `node generate.js` to create `jwka.jaon` file. +- Go to [Wallet connect dashboard]('https://dashboard.web3auth.io/') +- Create Project > Custom Auth > Create Verifier > Choose custom Provider > Add your raw `jwks` file generated above > Select Verifier Id(we are using sub in example) > Create verifier + +2. Create a `.env` file in the project root and set the following variables: ```bash TELEGRAM_BOT_NAME="" # e.g. @your_bot_name @@ -19,7 +25,7 @@ JWT_KEY_ID="" # e.g. your_key_id W3A_VERIFIER_NAME="" # e.g. your_verifier_name ``` -2. Run the following commands: +1. Run the following commands: ```bash npm install @@ -32,4 +38,4 @@ npm start # also update the telegram bot domain to the ngrok url ``` -3. Open your browser and navigate to `http:///login` to initiate the Telegram OAuth flow. +4. Open your browser and navigate to `http:///login` to initiate the Telegram OAuth flow. diff --git a/single-factor-auth-node/sfa-telegram-oauth-server/generate.js b/single-factor-auth-node/sfa-telegram-oauth-server/generate.js new file mode 100644 index 00000000..2e9946bb --- /dev/null +++ b/single-factor-auth-node/sfa-telegram-oauth-server/generate.js 
@@ -0,0 +1,50 @@
+const { generateKeyPair, exportJWK, exportPKCS8, exportSPKI } = require('jose');
+const { writeFileSync } = require('fs');
+const path = require('path');
+const crypto = require('crypto');
+
+async function createJWKS() {
+ try {
+
+ const { publicKey, privateKey } = await generateKeyPair('PS256', {
+ modulusLength: 2048, // Standard RSA key size
+ });
+
+
+ const publicKeyPEM = await exportSPKI(publicKey);
+ const privateKeyPEM = await exportPKCS8(privateKey);
+
+ const publicKeyPath = path.join(__dirname, 'publicKey.pem');
+ const privateKeyPath = path.join(__dirname, 'privateKey.pem');
+ writeFileSync(publicKeyPath, publicKeyPEM, 'utf-8');
+ writeFileSync(privateKeyPath, privateKeyPEM, 'utf-8');
+
+ console.log(`Public key saved to: ${publicKeyPath}`);
+ console.log(`Private key saved to: ${privateKeyPath}`);
+
+
+ const publicJWK = await exportJWK(publicKey);
+
+ const jwks = {
+ alg: 'RS256', // Algorithm intended for this key
+ e: publicJWK.e, // Public exponent
+ ext: true, // Extension allowed
+ kid: crypto.randomBytes(10).toString('hex'), // Generate a unique Key ID
+ kty: publicJWK.kty, // Key type (RSA)
+ n: publicJWK.n, // Public key modulus
+ use: 'sig', // Key intended for signing
+ };
+
+ console.log(jwks)
+
+ const jwksFilePath = path.join(__dirname, 'jwks.json');
+ writeFileSync(jwksFilePath, JSON.stringify(jwks, null, 2), 'utf-8');
+
+ console.log(`JWKS file created at: ${jwksFilePath}`);
+ } catch (error) {
+ console.error('Error creating JWKS:', error.message);
+ }
+}
+
+// Run the script
+createJWKS();
\ No newline at end of file
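Review bot: The signing key is written into the project directory with `writeFileSync(privateKeyPath, privateKeyPEM, 'utf-8')`, so `privateKey.pem` is created with default permissions (usually readable by other local users) and sits where it can be committed by accident. Create it owner-only with `writeFileSync(privateKeyPath, privateKeyPEM, { encoding: 'utf-8', mode: 0o600 })` and add the PEM files to `.gitignore` (no ignore rule is visible in this diff). The key pair is generated for `'PS256'` while the exported JWK declares `alg: 'RS256'`; both should name the algorithm the server actually signs with, e.g. `generateKeyPair('RS256', { modulusLength: 2048 })`, since a key generated for PS256 may be bound to RSA-PSS on some runtimes. The `catch` block only logs `error.message`, so a failed run still exits with status 0; adding `process.exitCode = 1;` there lets a caller notice that no key material was produced. The script writes `jwks.json`, whereas the README hunk in this commit tells the user to expect `jwka.jaon`.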