We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I retrieved JWKs for Google public keys from https://www.googleapis.com/oauth2/v3/certs including this one:
{ "alg": "RS256", "kty": "RSA", "n": "hsYvCPtkUV7SIxwkOkJsJfhwV_CMdXU5i0UmY2QEs-Pa7v0-0y-s4EjEDtsQ8Yow6hc670JhkGBcMzhU4DtrqNGROXebyOse5FX0m0UvWo1qXqNTf28uBKB990mY42Icr8sGjtOw8ajyT9kufbmXi3eZKagKpG0TDGK90oBEfoGzCxoFT87F95liNth_GoyU5S8-G3OqIqLlQCwxkI5s-g2qvg_aooALfh1rhvx2wt4EJVMSrdnxtPQSPAtZBiw5SwCnVglc6OnalVNvAB2JArbqC9GAzzz9pApAk28SYg5a4hPiPyqwRv-4X1CXEK8bO5VesIeRX0oDf7UoM-pVAw", "use": "sig", "e": "AQAB", "kid": "838c06c62046c2d948affe137dd5310129f4d5d1" }
JWT::createPemFromModulusAndExponent(n, e) with these values returns this PEM format:
-----BEGIN PUBLIC KEY----- MIIBITANBgkqhkiG9w0BAQEFAAOCAQ4AMIIBCQKCAQCGxi8I+2RRXtIjHCQ6Qmwl +HBX8Ix1dTmLRSZjZASz49ru/T7TL6zgSMQO2xDxijDqFzrvQmGQYFwzOFTgO2uo 0ZE5d5vI6x7kVfSbRS9ajWpeo1N/by4EoH33SZjjYhyvywaO07DxqPJP2S59uZeL d5kpqAqkbRMMYr3SgER+gbMLGgVPzsX3mWI22H8ajJTlLz4bc6oiouVALDGQjmz6 Daq+D9qigAt+HWuG/HbC3gQlUxKt2fG09BI8C1kGLDlLAKdWCVzo6dqVU28AHYkC tuoL0YDPPP2kCkCTbxJiDlriE+I/KrBG/7hfUJcQrxs7lV6wh5FfSgN/tSgz6lUD AgMBAAE= -----END PUBLIC KEY-----
JWTs from Google fail to verify using this key.
phpseclib3 and https://8gwifi.org/jwkconvertfunctions.jsp both return this PEM format:
phpseclib3
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsYvCPtkUV7SIxwkOkJs JfhwV/CMdXU5i0UmY2QEs+Pa7v0+0y+s4EjEDtsQ8Yow6hc670JhkGBcMzhU4Dtr qNGROXebyOse5FX0m0UvWo1qXqNTf28uBKB990mY42Icr8sGjtOw8ajyT9kufbmX i3eZKagKpG0TDGK90oBEfoGzCxoFT87F95liNth/GoyU5S8+G3OqIqLlQCwxkI5s +g2qvg/aooALfh1rhvx2wt4EJVMSrdnxtPQSPAtZBiw5SwCnVglc6OnalVNvAB2J ArbqC9GAzzz9pApAk28SYg5a4hPiPyqwRv+4X1CXEK8bO5VesIeRX0oDf7UoM+pV AwIDAQAB -----END PUBLIC KEY-----
and this key verifies Google JWTs correctly.
The text was updated successfully, but these errors were encountered:
@libertyit1 did you figure out a fix for this? I seem to be facing the same/similar issue.
Could this be related to php/php-src#11054
Sorry, something went wrong.
Following that thread, commenting out lines 149 - 151 in JWT.php seems to have temporally fixed the issue for me, albeit most likely insecurely.
Not in Firebase; I ended up importing phpseclib3 to convert the JWK e & n params into a PKCS8 key and used that in Firebase JWT::decode.
No branches or pull requests
I retrieved JWKs for Google public keys from https://www.googleapis.com/oauth2/v3/certs including this one:
JWT::createPemFromModulusAndExponent(n, e) with these values returns this PEM format:
JWTs from Google fail to verify using this key.
phpseclib3
and https://8gwifi.org/jwkconvertfunctions.jsp both return this PEM format:and this key verifies Google JWTs correctly.
The text was updated successfully, but these errors were encountered: