Comments (17)
jwks-rsa has a package.json engines entry marking it node-only.
from jose.
BTW, the crypto works fine if I point bun to the node package of jose.
It might for you, it might not for others. Open an issue with bun on how they resolve node-first module dependencies. Yours is not an isolated issue, i've seen them popping up and it's a runtime issue.
from jose.
Why import bun as a browser module?
Because bun is Web Platform API first and node's crypto module compatibility is not guaranteed and will never be a 100%.
from jose.
I wasted 2 hours thinking something was wrong with jwks-rsa auth0/node-jwks-rsa/issues/373
There isn't anything wrong with jwks-rsa, but it's a node module, not one made for other runtimes.
from jose.
Mention it on docs. Please?
from jose.
BTW, the crypto works fine if I point bun to the node package of jose.
from jose.
FYI auth0/node-jwks-rsa#374 give this branch a shot and let me know if there's anything else.
from jose.
Hey @panva its me again.
Here is my code.
import JwksClient from "jwks-rsa";
import JsonWebToken, { JwtHeader } from "jsonwebtoken";
const client = JwksClient({
jwksUri: `https://${process.env.AUTH0_DOMAIN}/.well-known/jwks.json`
})
const keySets: any = await client.getKeys();
export const certToPEM = (cert: string) => {
cert = cert.match(/.{1,64}/g)!.join('\n')
cert = `-----BEGIN CERTIFICATE-----\n${cert}\n-----END CERTIFICATE-----\n`;
return cert;
}
export const verifySession = (token: string) => {
const decoded = JsonWebToken.decode(token, { complete: true }) as { header: JwtHeader, payload: any };
const kid = decoded.header.kid;
const keySet = keySets.find((key: { kid: string; }) => key.kid === kid);
if (!keySet) {
throw new Error("No key set");
}
const signingKey = certToPEM(keySet.x5c[0]);
return JsonWebToken.verify(token, signingKey);
}
Here is my error
115 |
116 | if (!hasSignature && !options.algorithms) {
117 | return done(new JsonWebTokenError('please specify "none" in "algorithms" to verify unsigned tokens'));
118 | }
119 |
120 | if (secretOrPublicKey != null && !(secretOrPublicKey instanceof KeyObject)) {
^
TypeError: Right hand side of instanceof is not an object
at /home/xxxxxxxxxx/hono-bun/node_modules/jsonwebtoken/verify.js:120:39
from jose.
https://bun.sh/docs/runtime/nodejs-apis#node-crypto Bun does not implement those APIs. Use jose, not jsonwebtoken.
You can replace both jwks-rsa and jsonwebtoken with jose.
const JWKS = jose.createRemoteJWKSet(new URL('https://www.googleapis.com/oauth2/v3/certs'))
const { payload, protectedHeader } = await jose.jwtVerify(jwt, JWKS, {
issuer: 'urn:example:issuer',
audience: 'urn:example:audience',
})
console.log(protectedHeader)
console.log(payload)
from jose.
This was the code that got me segmentation fault
from jose.
Then create a reproduction sample and open a Bun issue please, there's nothing I can do about those.
from jose.
Sure man, thx you for helping me out.
from jose.
To explain, it is far more likely the segmentation fault is related to some other code and just presents itself when the jose code yields control. So it seems like jose is triggering it but it's not. The whole jose test suite gets executed using Bun without segmentation faults.
from jose.
Hmm
One question!
I am using Auth0 to do openid stuff. My JWKS does not contain publicKey directly. I use x5c to create it. Can this be the reason?
PS: Also the jwks-rsa is your custom branch from github not from npm
from jose.
The OP is correct. Every thing is fine in node
from jose.
My JWKS does not contain publicKey directly
JWKs are the public keys, just in a JWK format
from jose.
Ohhh got
from jose.
Related Issues (20)
- Fails to run in WebContainers w Unsupported error message HOT 3
- Invalid ES256 signatures generated with Node 12.15 but not 12.16.0 HOT 4
- jwtVerify using createRemoteJWKSet TypeError [ERR_INVALID_ARG_TYPE]: The "listener" argument must be of type function. Received an instance of Object HOT 3
- Encrypt function of FlattenedEncrypt doesn't work with the Uint8array key type. HOT 3
- Error building typescript in 'ts-jose' missing declaration files Version 4.14.0 HOT 1
- Under load jwtVerify throws a JWSInvalid: Invalid Compact JWS error HOT 5
- Type instantiation is excessively deep and possibly infinite HOT 10
- Error: unsupported key management (decryption) alg: ECDH-ES+A256KW HOT 1
- Verifying JWT with symmetric key HOT 2
- Unable to build Angular project with Jose HOT 1
- SignJWT exp type error HOT 2
- Cannot verify id token using remote jwks HOT 3
- Can't verify azure token HOT 3
- Bun support ED25519 HOT 1
- Bun: SyntaxError: Import named 'KeyObject' not found in module 'crypto'. HOT 3
- Mocking URLs with msw/nock doesn't work with named imports. HOT 1
- [ES384] adding a single letter to the signature part causing a successful verification HOT 7
- Type "GetKeyFunction" is present in "types.d.ts" but not exported in "index.d.ts" HOT 1
- Check for `jwk.oth` should also check for `null` value HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jose.