My goal is to determine which kid was used to sign a particular payload:

    try {
      bearerToken = getBearerToken(req.headers);
      console.log("token", { bearerToken });
      // if the bearerToken is signed by another kid, how do i know which key to use?
      let verifyBearerTokenKeystore = await jose.JWK.asKeyStore(mypubkey);
      verifyBearerTokenResult = await jose.JWS.createVerify(
        verifyBearerTokenKeystore
      ).verify(bearerToken);
    } catch (e) {
      console.error(e);
      return res.status(403).send("invalid bearer token");
    }

If I deliberately break this "kid": "z2U_owemqRLOQYEhiSX1fUrPp72hXSG6dKy8qUvu1DY" in ks.json, I would like node-jose to say:

    Error: kid z2U_owemqRLOQYEhiSX1fUrPp72hXSG6dKy8qUvu1DY not found

not

    Error: no key found

How do I get it to tell me which kid (key ID) it expects? Also, how does the verifier extract the jwks_uri?
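
One way to get the error asked for above, as an added example that is not part of the original post and does not use node-jose's own API: decode the compact JWS header before verification, look the kid up in the JWKS, and throw an error that names it. The helper names (`readJwsHeader`, `selectKeyForToken`), the `RS256` allow-list and the sample JWKS and tokens are assumptions constructed for illustration; the signature is still checked afterwards by the JOSE library with the selected key.

```javascript
// Added example. Sample JWKS and tokens are constructed; they hold no real key or signature.
const b64u = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Decode the protected header of a compact JWS. Nothing is verified yet,
// so every field read here is untrusted input.
function readJwsHeader(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWS");
  let header;
  try {
    header = JSON.parse(Buffer.from(parts[0], "base64url").toString("utf8"));
  } catch (e) {
    throw new Error("JWS header is not valid JSON");
  }
  if (header === null || typeof header !== "object" || Array.isArray(header)) {
    throw new Error("JWS header is not an object");
  }
  return header;
}

// Return the JWK whose kid matches the token header, or throw naming the kid.
function selectKeyForToken(token, jwks, allowedAlgs = ["RS256"]) {
  const { kid, alg } = readJwsHeader(token);
  // Pin the algorithm on the verifier side; never accept whatever the token claims.
  if (!allowedAlgs.includes(alg)) throw new Error(`alg ${alg} not allowed`);
  if (typeof kid !== "string" || kid === "") throw new Error("token has no kid");
  const jwk = jwks.keys.find((k) => k.kid === kid);
  // The kid is attacker-controlled: log this message, do not echo it to the client.
  if (!jwk) throw new Error(`kid ${kid} not found`);
  if (jwk.alg && jwk.alg !== alg) throw new Error(`kid ${kid} is not an ${alg} key`);
  return jwk; // hand this key to the JOSE library for the actual signature check
}

// Constructed JWKS entry (key material omitted) using the kid quoted in the question.
const sampleJwks = {
  keys: [{ kty: "RSA", use: "sig", alg: "RS256",
           kid: "z2U_owemqRLOQYEhiSX1fUrPp72hXSG6dKy8qUvu1DY" }],
};
// Constructed tokens: real header and payload encoding, placeholder signature.
const tokenFor = (kid) => `${b64u({ alg: "RS256", kid })}.${b64u({ sub: "demo" })}.c2ln`;
const goodToken = tokenFor("z2U_owemqRLOQYEhiSX1fUrPp72hXSG6dKy8qUvu1DY");
const badToken = tokenFor("some-other-kid");
```

The JWKS passed in is assumed to come from a `jwks_uri` fixed in the verifier's configuration (for OpenID Connect it is published in the issuer's discovery document), not from a URL carried in the token itself.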