Verifying JWK with one out of multiple keys, where one of the keys is a HS256 key

[0xmerp]

Hi,

Basically I have a use case where I would like to verify JWKs where the signature might be either one of a collection of ES256 keys (ECDSA), or a HS256 (Sha256-HMAC) key.

I was looking at this: https://github.com/firebase/php-jwt?tab=readme-ov-file#example-with-multiple-keys

This lets me load my JWK key set with all of my ES256 keys, but won't handle the case where the JWK might be signed with a HS256 key.

Here is an example of the use case: https://developers.line.biz/en/docs/line-login/verify-id-token/#signature

I was just wondering if php-jwt supports this use case, or if I could propose it as a feature.