RS256 algorithm problems
Viktor-Bredihin opened this issue · 3 comments
in this pr https://github.com/dunglas/mercure/pull/156/files was added support for RS256 algorithm, but I can't make it work with current bundle.
that's how I used to use it with HS256
SERVER_NAME=:3000 JWT_KEY='cat config/jwt/public.pem' PUBLISHER_JWT_KEY='!ChangeMe!' ./mercure run -config Caddyfile.dev
with RS256 it's supposed to work like this
SERVER_NAME=:3000 MERCURE_JWT_KEY=
cat config/jwt/public.pem ./mercure run -config Caddyfile.dev
but it gives me the error a JWT key for publishers must be provided
however mercure documentation says
PUBLISHER_JWT_KEY
| must contain the secret key to valid publishers' JWT, can be omited if JWT_KEY
is set
I'm stuck with this problem, will be grateful for any advices, thanks
Hi, you need specify the algorithm. https://mercure.rocks/docs/hub/config#environment-variables
MERCURE_PUBLISHER_JWT_KEY=$(cat config/jwt/public.pem) \
MERCURE_PUBLISHER_JWT_ALG=RS256 \
MERCURE_SUBSCRIBER_JWT_KEY=$(cat config/jwt/public.pem) \
MERCURE_SUBSCRIBER_JWT_ALG=RS256 \
./mercure run -config Caddyfile.dev
If you are using the lcobucci/jwt integration (i.e. you are not using a static jwt
nor a custom jwt.provider
) then only HMAC (HS256/HS384/HS512) is supported at the moment.
Support for asymmetric algorithms needs to be added in symfony/mercure's LcobucciFactory.
This should work by now. Please tell us if it doesn't so we can reopen.