From 4e25f7ac284571deecad546bc0ccd8b2c78b0211 Mon Sep 17 00:00:00 2001
From: Ryan Metzler
Date: Mon, 10 Jun 2019 01:01:41 -0400
Subject: [PATCH] preserve kid when importing
---
 lib/jwt/jwk/rsa.rb | 8 +++++---
 spec/jwk_spec.rb | 7 +++++++
 2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/lib/jwt/jwk/rsa.rb b/lib/jwt/jwk/rsa.rb
index 6d7d7b06..45774417 100644
--- a/lib/jwt/jwk/rsa.rb
+++ b/lib/jwt/jwk/rsa.rb
@@ -8,19 +8,21 @@ class RSA
 extend Forwardable
 attr_reader :keypair
+ attr_reader :jwk_kid
 def_delegators :keypair, :private?, :public_key
 BINARY = 2
 KTY = 'RSA'.freeze
- def initialize(keypair)
+ def initialize(keypair, kid = nil)
 raise ArgumentError, 'keypair must be of type OpenSSL::PKey::RSA' unless keypair.is_a?(OpenSSL::PKey::RSA)
-
+ @jwk_kid = kid
 @keypair = keypair
 end
 def kid
+ return jwk_kid if jwk_kid
 sequence = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer.new(public_key.n),
 OpenSSL::ASN1::Integer.new(public_key.e)])
 OpenSSL::Digest::SHA256.hexdigest(sequence.to_der)
@@ -40,7 +42,7 @@ def self.import(jwk_data)
 imported_key.set_key(OpenSSL::BN.new(::Base64.urlsafe_decode64(jwk_data[:n]), BINARY),
 OpenSSL::BN.new(::Base64.urlsafe_decode64(jwk_data[:e]), BINARY),
 nil)
- self.new(imported_key)
+ self.new(imported_key, jwk_data[:kid])
 end
 end
 end
diff --git a/spec/jwk_spec.rb b/spec/jwk_spec.rb
index fcf79562..4132a915 100644
--- a/spec/jwk_spec.rb
+++ b/spec/jwk_spec.rb
@@ -24,6 +24,13 @@
 expect { subject }.to raise_error(JWT::JWKError)
 end
 end
+
+ context 'when keypair with defined kid is imported' do
+ it 'returns the predefined kid if jwt_data contains a kid' do
+ params[:kid] = "CUSTOM_KID"
+ expect(subject.export).to eq(params)
+ end
+ end
 end
 describe '.to_jwk' do
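Review bot: In `kid` (lib/jwt/jwk/rsa.rb, first hunk), the new `return jwk_kid if jwk_kid` makes the identifier whatever the constructor was handed, so it is no longer guaranteed to be the SHA-256 digest of the key's n and e computed by the lines that follow. Code that treats `kid` as a fingerprint of the key material, or assumes it is unique per key, would now be relying on a supplied label; a comment above the method such as `# Returns the kid given at construction, else a SHA-256 digest of the public key; a supplied kid is a label, not a fingerprint.` would make that explicit. The guard also returns an empty string unchanged, because `""` is truthy in Ruby; `return jwk_kid unless jwk_kid.to_s.empty?` would fall back to the digest in that case. The body of `kid` ends outside the hunk and the class begins above it.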
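Review bot: `jwk_data[:kid]` is passed to the constructor in `self.import` (lib/jwt/jwk/rsa.rb, second hunk) without any check, although imported JWK data may come from a remote key set rather than from the application itself. RFC 7517 defines `kid` as a string, so a number, array or nested object here would be carried unchanged into `kid` and, presumably, into the exported JWK. Rejecting it at this boundary keeps the object consistent: `kid = jwk_data[:kid]`, then `raise JWT::JWKError, 'kid must be a String' unless kid.nil? || kid.is_a?(String)`, then `self.new(imported_key, kid)`. `JWT::JWKError` is the error the spec on this page already expects from a failed import; the start of `self.import` lies outside the hunk.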
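Review bot: The new example in spec/jwk_spec.rb only compares `subject.export` with `params`, so it never asserts the value returned by `kid` directly, and nothing in this hunk covers the fallback to the computed digest when the imported data carries no `kid`. Adding `expect(subject.kid).to eq('CUSTOM_KID')` here, plus an example without `params[:kid]` that checks `kid` is still the generated value, would pin both paths. The example description says `jwt_data` where the import parameter is named `jwk_data`.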