feat: added jwks script

single-factor-auth-node/sfa-telegram-oauth-server/README.md

@@ -8,7 +8,13 @@ npx degit Web3Auth/web3auth-core-kit-examples/single-factor-auth-node/sfa-telegr
 
 ### Setup
 
-1. Create a `.env` file in the project root and set the following variables:
+1. Generate jwks and add in dashboard
+
+- run `node generate.js` to create `jwka.jaon` file.
+- Go to [Wallet connect dashboard]('https://dashboard.web3auth.io/')
+- Create Project > Custom Auth > Create Verifier > Choose custom Provider > Add your raw `jwks` file generated above > Select Verifier Id(we are using sub in example) > Create verifier
+
+2. Create a `.env` file in the project root and set the following variables:
 
 ```bash
 TELEGRAM_BOT_NAME="" # e.g. @your_bot_name
@@ -19,7 +25,7 @@ JWT_KEY_ID="" # e.g. your_key_id
 W3A_VERIFIER_NAME="" # e.g. your_verifier_name
 ```
 
-2. Run the following commands:
+1. Run the following commands:
 
 ```bash
 npm install
@@ -32,4 +38,4 @@ npm start
 # also update the telegram bot domain to the ngrok url
 ```
 
-3. Open your browser and navigate to `http://<URL>/login` to initiate the Telegram OAuth flow. 
+4. Open your browser and navigate to `http://<URL>/login` to initiate the Telegram OAuth flow.

single-factor-auth-node/sfa-telegram-oauth-server/generate.js

@@ -0,0 +1,50 @@
+const { generateKeyPair, exportJWK, exportPKCS8, exportSPKI } = require('jose');
+const { writeFileSync } = require('fs');
+const path = require('path');
+const crypto = require('crypto');
+
+async function createJWKS() {
+    try {
+
+        const { publicKey, privateKey } = await generateKeyPair('PS256', {
+            modulusLength: 2048, // Standard RSA key size
+        });
+
+
+        const publicKeyPEM = await exportSPKI(publicKey);
+        const privateKeyPEM = await exportPKCS8(privateKey);
+
+        const publicKeyPath = path.join(__dirname, 'publicKey.pem');
+        const privateKeyPath = path.join(__dirname, 'privateKey.pem');
+        writeFileSync(publicKeyPath, publicKeyPEM, 'utf-8');
+        writeFileSync(privateKeyPath, privateKeyPEM, 'utf-8');
+
+        console.log(`Public key saved to: ${publicKeyPath}`);
+        console.log(`Private key saved to: ${privateKeyPath}`);
+
+
+        const publicJWK = await exportJWK(publicKey);
+
+        const jwks = {
+            alg: 'RS256',            // Algorithm intended for this key
+            e: publicJWK.e,          // Public exponent
+            ext: true,               // Extension allowed
+            kid: crypto.randomBytes(10).toString('hex'), // Generate a unique Key ID
+            kty: publicJWK.kty,      // Key type (RSA)
+            n: publicJWK.n,          // Public key modulus
+            use: 'sig',              // Key intended for signing
+        };
+
+        console.log(jwks)
+
+        const jwksFilePath = path.join(__dirname, 'jwks.json');
+        writeFileSync(jwksFilePath, JSON.stringify(jwks, null, 2), 'utf-8');
+
+        console.log(`JWKS file created at: ${jwksFilePath}`);
+    } catch (error) {
+        console.error('Error creating JWKS:', error.message);
+    }
+}
+
+// Run the script
+createJWKS();