From 876f6cdc63ebc7c3555f23b71295d840ca657d87 Mon Sep 17 00:00:00 2001
From: Ryan Metzler
Date: Mon, 10 Jun 2019 01:01:41 -0400
Subject: [PATCH] preserve kid when importing
---
 lib/jwt/jwk/rsa.rb | 10 ++++++----
 spec/jwk_spec.rb | 7 +++++++
 2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/lib/jwt/jwk/rsa.rb b/lib/jwt/jwk/rsa.rb
index a3ad9b76..e7410a92 100644
--- a/lib/jwt/jwk/rsa.rb
+++ b/lib/jwt/jwk/rsa.rb
@@ -4,13 +4,14 @@ module JWT
 module JWK
 class RSA
 attr_reader :keypair
+ attr_reader :jwk_kid
 BINARY = 2
 KTY = 'RSA'.freeze
- def initialize(keypair)
+ def initialize(keypair, kid = nil)
 raise ArgumentError, 'keypair must be of type OpenSSL::PKey::RSA' unless keypair.is_a?(OpenSSL::PKey::RSA)
-
+ @jwk_kid = kid
 @keypair = keypair
 end
@@ -23,6 +24,7 @@ def public_key
 end
 def kid
+ return jwk_kid if jwk_kid
 sequence = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer.new(public_key.n), OpenSSL::ASN1::Integer.new(public_key.e)])
 OpenSSL::Digest::SHA256.hexdigest(sequence.to_der)
@@ -47,7 +49,7 @@ def self.import(jwk_data)
 raise JWT::JWKError, 'Key format is invalid for RSA' unless jwk_n && jwk_e
- self.new(rsa_pkey(jwk_n, jwk_e))
+ self.new(rsa_pkey(jwk_n, jwk_e), jwk_data[:kid] || jwk_data['kid'])
 end
 def self.rsa_pkey(jwk_n, jwk_e)
@@ -55,7 +57,7 @@ def self.rsa_pkey(jwk_n, jwk_e)
 key_n = decode_open_ssl_bn(jwk_n)
 key_e = decode_open_ssl_bn(jwk_e)
- if key.respond_to?(:set_key)
+ self.new(imported_key)
 key.set_key(key_n, key_e, nil)
 else
 key.n = key_n
diff --git a/spec/jwk_spec.rb b/spec/jwk_spec.rb
index 12d85f89..29f5a773 100644
--- a/spec/jwk_spec.rb
+++ b/spec/jwk_spec.rb
@@ -33,6 +33,13 @@
 expect { subject }.to raise_error(JWT::JWKError)
 end
 end
+
+ context 'when keypair with defined kid is imported' do
+ it 'returns the predefined kid if jwt_data contains a kid' do
+ params[:kid] = "CUSTOM_KID"
+ expect(subject.export).to eq(params)
+ end
+ end
 end
 describe '.new' do
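Review bot: `initialize` in `lib/jwt/jwk/rsa.rb` stores `kid` in `@jwk_kid` with no check, while `keypair` on the line above it is type-checked. Because `self.import` (the `-47,7 +49,7` hunk) passes `jwk_data[:kid] || jwk_data['kid']` straight through, whatever the parsed JWK document holds there (a number, an array, a nested object) becomes the key's identifier. A guard next to the existing one would contain that, for example `raise ArgumentError, 'kid must be a String' unless kid.nil? || kid.is_a?(String)`. The new optional parameter also deserves a one-line comment saying that a nil `kid` means the identifier is derived from the key; the class body continues outside the hunk.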
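Review bot: In `kid`, `return jwk_kid if jwk_kid` accepts an empty string as an identifier, since `''` is truthy in Ruby, so a JWK imported with an empty `kid` no longer falls back to the SHA-256 digest of `n` and `e`. More broadly, after this change `kid` is a label chosen by whoever produced the JWK rather than a value bound to the key material, so callers that select or cache keys by `kid` should not read a match as evidence that the key is the expected one. I would tighten the guard to `return jwk_kid unless jwk_kid.to_s.empty?` and add a comment above the method such as `# Caller-supplied kid if present; otherwise the SHA-256 hex digest of the DER-encoded (n, e) sequence.` The method's closing `end` lies outside the hunk.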
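Review bot: In `self.rsa_pkey`, the line `if key.respond_to?(:set_key)` is replaced by `self.new(imported_key)`, which leaves the following `else` without an opening `if` and refers to `imported_key`, a name that appears nowhere else in the visible lines. As shown, the file would not parse, and the branch that chose between `key.set_key(key_n, key_e, nil)` and the `key.n = key_n` assignment is gone. This looks like an accidental edit; the hunk should keep `if key.respond_to?(:set_key)` unchanged. The method begins and ends outside the hunk, so the rest of the branch could not be checked.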
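Review bot: The added example in `spec/jwk_spec.rb` sets only `params[:kid]`, so the `jwk_data['kid']` side of the `||` in `self.import` and the fallback to the computed digest when no `kid` is supplied are not exercised. One example with a string-keyed hash and one asserting that `kid` is still derived from the key when absent would pin both paths. The description says `jwt_data` where the code under test names the argument `jwk_data`; `'returns the predefined kid if jwk_data contains a kid'` would match. The enclosing `describe` block starts outside the hunk.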