How to Sign a jwt token with just a string and not publicKey and privateKey #1104

trenchesdeveloper · 2024-03-11T10:38:32Z

trenchesdeveloper
Mar 11, 2024

After calling the build, why is it failing with error *error signing token: failed to serialize token at step #2: failed to generate signature for signer #0 (alg=RS256): failed to sign payload: failed to retrieve rsa.PrivateKey out of string: keyconv: expected rsa.PrivateKey or rsa.PrivateKey, got string

`
b := setDefaultBuilder(user, twitter.AccessTokenLifetime, s.Conf)

t, err := b.Build()

if err != nil {
	return "", fmt.Errorf("error building token: %v", err)
}

token, err := jwt.Sign(t, jwt.WithKey(signatureType, s.Conf.Jwt.Secret))

`

lestrrat · 2024-03-11T11:52:14Z

lestrrat
Mar 11, 2024
Maintainer

How to Sign a jwt token with just a string and not publicKey and privateKey

You can't (at least not for a RSA family algorithms). I think the documentation is pretty explicit saying that the key needs to be one of (1) a raw key (*rsa.PrivateKey, et al), (2) a crypto.Signer, or (3) a jwk.Key

https://pkg.go.dev/github.com/lestrrat-go/jwx/[email protected]/jws#WithKey

token, err := jwt.Sign(t, jwt.WithKey(signatureType, s.Conf.Jwt.Secret))

I can only guess what's store in the s.Conf.Jwt.Secret variable, but I have a feeling you are copying from an example that uses a symmetric algorithm, such as HS256. In that case, the raw key could be a []byte, which is the "raw" version of a jwk.SymmetricKey

0 replies

trenchesdeveloper · 2024-03-11T12:07:40Z

trenchesdeveloper
Mar 11, 2024
Author

How to Sign a jwt token with just a string and not publicKey and privateKey

You can't (at least not for a RSA family algorithms). I think the documentation is pretty explicit saying that the key needs to be one of (1) a raw key (*rsa.PrivateKey, et al), (2) a crypto.Signer, or (3) a jwk.Key

https://pkg.go.dev/github.com/lestrrat-go/jwx/[email protected]/jws#WithKey

token, err := jwt.Sign(t, jwt.WithKey(signatureType, s.Conf.Jwt.Secret))

I can only guess what's store in the s.Conf.Jwt.Secret variable, but I have a feeling you are copying from an example that uses a symmetric algorithm, such as HS256. In that case, the raw key could be a []byte, which is the "raw" version of a jwk.SymmetricKey

Thank you. I made a mistake using a wrong algo.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How to Sign a jwt token with just a string and not publicKey and privateKey #1104

{{title}}

Replies: 2 comments

{{title}}

{{title}}

Select a reply

How to Sign a jwt token with just a string and not publicKey and privateKey #1104

trenchesdeveloper Mar 11, 2024

Replies: 2 comments

lestrrat Mar 11, 2024 Maintainer

trenchesdeveloper Mar 11, 2024 Author

trenchesdeveloper
Mar 11, 2024

lestrrat
Mar 11, 2024
Maintainer

trenchesdeveloper
Mar 11, 2024
Author