Giter Club home page Giter Club logo

openid-key's Introduction

Openid-Key

You can get public key of OpenID Connect id-token. Then, you can verify id-token with the key.

OpedID Key format has defined in JSON Web Key (JWK).

Usage

CL-USER> (setf *keys* (openid-key:get-openid-keys "https://accounts.google.com"))
#S(OPENID-KEY::OPENID-KEYS
   :ISSUER "https://accounts.google.com"
   :JWKS-EXPIRES @2018-11-03T20:03:46.000000+09:00
   :KEYS (#S(OPENID-KEY::OPENID-KEY
             :KTY "RSA"
             :USE "sig"
             :ALG "RS256"
             :KID "8289d54280b76712de41cd2ef95972b123be9ac0"
             :KEY #<IRONCLAD::RSA-PUBLIC-KEY {1001EE03A3}>)
          #S(OPENID-KEY::OPENID-KEY
             :KTY "RSA"
             :USE "sig"
             :ALG "RS256"
             :KID "aa436c3f63b281ce0d976da0b51a34860ff960eb"
             :KEY #<IRONCLAD::RSA-PUBLIC-KEY {1001F40433}>)))
CL-USER> (openid-key:find-openid-key "8289d54280b76712de41cd2ef95972b123be9ac0" *keys*)
#<IRONCLAD::RSA-PUBLIC-KEY {1001B512E3}>
"RS256"
"RSA"
"sig"

You may also be interested in Jose for verify id-token.

Installation

openid-key's People

Contributors

kkazuo avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

davidalphafox dnaeon

openid-key's Issues

Gets errors because the N and E in jwk-key is of length 342 (not divisible by 4)

When I run the test, I get an error inside CL-BASE64:BASE64-STRING-TO-USB8-ARRAY called from OPENID-KEY::B64-INTEGER called from OPENID-KEY::JWK-KEY, because the length of the argument is 342, which is not divisible by 4, and CL-BASE64:BASE64-STRING-TO-USB8-ARRAY errors on that.
It is not obvious to me if a length not divisible by 4 is valid here. If it is then it is a bug in cl-base64.

Added: I tried to raise the issue in cl-base64, but I didn't find how. I think the sources are here: http://git.kpe.io/?p=cl-base64.git;a=summary, but I am not sure, and it is not obvious how to comment about it.

The bug in cl-base64 is that in the file decode.lisp, when it compares the length of the target array/string, it uses ( (truncate length 4) 3).* It should be using ceiling instead of truncate.
After I changed all occurrences of truncate in the file decode.lisp to ceiling the test run successfully.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.