Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support parsing JWE with RSA-OAEP #115

Open
ptman opened this issue Apr 18, 2024 · 2 comments
Open

Support parsing JWE with RSA-OAEP #115

ptman opened this issue Apr 18, 2024 · 2 comments

Comments

@ptman
Copy link

ptman commented Apr 18, 2024
edited

Seems like #78 removed this ability that existed in v3. Given that ParseSignedAndEncrypted() now requires specifying which algorithms are allowed, wouldn't this be the perfect way to not include public key crypto if desired? I receive RSA-OAEP encrypted JWE from a source that cannot be changed, and am unable to parse them using v4.
@jsha
Copy link
Collaborator

jsha commented Apr 18, 2024

Note that #78 affects only the JWT library. If you just need to decrypt a JWE, you should be able to use jose.ParseEncryptedCompact (as opposed to jwt.ParseSignedAndEncrypted(). I'd be curious to hear more about your use case and whether it's more JWT-like or JWE-like. Are you using the claims features?

@ptman
Copy link
Author

ptman commented Apr 19, 2024

It's a JWT with claims. Coming from IDP tied to the national electronic authentication infrastructure. Finnish Trust Network.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ptman @jsha