30 replies

Can't generate JWKS using 'ES256'

I want to create Postgraphile Schema using

createPostGraphileSchema

createPostGraphileSchema

and pass the private key for JWToken verification. However this does not support better's auth default encyption algorithm.

Allowed ones according to their comment in

interface SignOptions

interface SignOptions

/**
 * Signature algorithm. Could be one of these values :
 * - HS256:    HMAC using SHA-256 hash algorithm (default)
 * - HS384:    HMAC using SHA-384 hash algorithm
 * - HS512:    HMAC using SHA-512 hash algorithm
 * - RS256:    RSASSA using SHA-256 hash algorithm
 * - RS384:    RSASSA using SHA-384 hash algorithm
 * - RS512:    RSASSA using SHA-512 hash algorithm
 * - ES256:    ECDSA using P-256 curve and SHA-256 hash algorithm
 * - ES384:    ECDSA using P-384 curve and SHA-384 hash algorithm
 * - ES512:    ECDSA using P-521 curve and SHA-512 hash algorithm
 * - none:     No digital signature or MAC value included
 */

/**
 * Signature algorithm. Could be one of these values :
 * - HS256:    HMAC using SHA-256 hash algorithm (default)
 * - HS384:    HMAC using SHA-384 hash algorithm
 * - HS512:    HMAC using SHA-512 hash algorithm
 * - RS256:    RSASSA using SHA-256 hash algorithm
 * - RS384:    RSASSA using SHA-384 hash algorithm
 * - RS512:    RSASSA using SHA-512 hash algorithm
 * - ES256:    ECDSA using P-256 curve and SHA-256 hash algorithm
 * - ES384:    ECDSA using P-384 curve and SHA-384 hash algorithm
 * - ES512:    ECDSA using P-521 curve and SHA-512 hash algorithm
 * - none:     No digital signature or MAC value included
 */

Solution

I think this is a bug.
Made a pull request

GitHub

Fix: Cannot generate JWKS with other algorithm than the default one...

Fixes: #3218

Jump to solution

Better Auth•9mo ago•

30 replies

LightTab2

Can't generate JWKS using 'ES256'

I want to create Postgraphile Schema using

createPostGraphileSchema

createPostGraphileSchema

and pass the private key for JWToken verification. However this does not support better's auth default encyption algorithm.

Allowed ones according to their comment in

interface SignOptions

interface SignOptions

/**
 * Signature algorithm. Could be one of these values :
 * - HS256:    HMAC using SHA-256 hash algorithm (default)
 * - HS384:    HMAC using SHA-384 hash algorithm
 * - HS512:    HMAC using SHA-512 hash algorithm
 * - RS256:    RSASSA using SHA-256 hash algorithm
 * - RS384:    RSASSA using SHA-384 hash algorithm
 * - RS512:    RSASSA using SHA-512 hash algorithm
 * - ES256:    ECDSA using P-256 curve and SHA-256 hash algorithm
 * - ES384:    ECDSA using P-384 curve and SHA-384 hash algorithm
 * - ES512:    ECDSA using P-521 curve and SHA-512 hash algorithm
 * - none:     No digital signature or MAC value included
 */

/**
 * Signature algorithm. Could be one of these values :
 * - HS256:    HMAC using SHA-256 hash algorithm (default)
 * - HS384:    HMAC using SHA-384 hash algorithm
 * - HS512:    HMAC using SHA-512 hash algorithm
 * - RS256:    RSASSA using SHA-256 hash algorithm
 * - RS384:    RSASSA using SHA-384 hash algorithm
 * - RS512:    RSASSA using SHA-512 hash algorithm
 * - ES256:    ECDSA using P-256 curve and SHA-256 hash algorithm
 * - ES384:    ECDSA using P-384 curve and SHA-384 hash algorithm
 * - ES512:    ECDSA using P-521 curve and SHA-512 hash algorithm
 * - none:     No digital signature or MAC value included
 */

Solution

I think this is a bug.
Made a pull request

GitHub

Fix: Cannot generate JWKS with other algorithm than the default one...

Fixes: #3218

Jump to solution

Can't generate JWKS using 'ES256'

Can't generate JWKS using 'ES256'

Similar Threads

Similar Threads

Similar Threads