Verification of ID Token using RSA public key
-
Hey All
Just wondering if I am doing something wrong here. I am using FusionAuth java library https://github.com/FusionAuth/fusionauth-jwt.Java Code :
```List<JSONWebKey> keys = JSONWebKeySetHelper.retrieveKeysFromJWKS("http://localhost:9011/.well-known/jwks.json"); Map<String, Verifier> publicKeyVerifiers = new HashMap<String,Verifier>(); for (JSONWebKey key : keys) { String publicKey = key.x5c.get(0); Verifier verifier = RSAVerifier.newVerifier(publicKey); String kid = key.kid; publicKeyVerifiers.put(kid, verifier); }```
Exception I am getting :
InvalidParameterException : Unexpected PEM FormatI think the problem here is that if we look at the "key.x5c" from jwks.json, it does not start with "-----BEGIN" and hence it is throwing above exception.
The FusionAuth library class io.fusionauth.pem.PEMDecoder expect "-----BEGIN" which does not exist.
Screenshot of jwks.json -
Can you add
----BEGIN
to the JWKS certs?