symfony/mercure-bundle

RS256 algorithm problems

Viktor-Bredihin opened this issue · 3 comments

In this PR https://github.com/dunglas/mercure/pull/156/files support for the RS256 algorithm was added, but I can't make it work with the current bundle.
That's how I used to use it with HS256:
SERVER_NAME=:3000 JWT_KEY='cat config/jwt/public.pem' PUBLISHER_JWT_KEY='!ChangeMe!' ./mercure run -config Caddyfile.dev
With RS256 it's supposed to work like this:
SERVER_NAME=:3000 MERCURE_JWT_KEY=$(cat config/jwt/public.pem) ./mercure run -config Caddyfile.dev
but it gives me the error "a JWT key for publishers must be provided".
However, the Mercure documentation says:
PUBLISHER_JWT_KEY | must contain the secret key to valid publishers' JWT, can be omitted if JWT_KEY is set

I'm stuck with this problem and will be grateful for any advice, thanks.

Hi, you need to specify the algorithm. https://mercure.rocks/docs/hub/config#environment-variables

MERCURE_PUBLISHER_JWT_KEY=$(cat config/jwt/public.pem) \
MERCURE_PUBLISHER_JWT_ALG=RS256 \
MERCURE_SUBSCRIBER_JWT_KEY=$(cat config/jwt/public.pem) \
MERCURE_SUBSCRIBER_JWT_ALG=RS256 \
./mercure run -config Caddyfile.dev

If you are using the lcobucci/jwt integration (i.e. you are not using a static jwt nor a custom jwt.provider) then only HMAC (HS256/HS384/HS512) is supported at the moment.
Support for asymmetric algorithms needs to be added in symfony/mercure's LcobucciFactory.

This should work by now. Please tell us if it doesn't so we can reopen.
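An added example (not code from this thread or from the Mercure project): with RS256 the publisher signs with the private key and the hub only holds public.pem, so a static publisher JWT can be minted and checked with openssl alone. The file names, the helper function names and the `{"mercure":{"publish":["*"]}}` claim are assumptions chosen for illustration.

```shell
#!/usr/bin/env bash
# Added example: mint and check an RS256 publisher JWT with openssl only.
# Assumed: file names and the publish-to-all claim are illustrative.

# Base64url without padding, as JWT requires.
b64url() { openssl base64 -A | tr '/+' '_-' | tr -d '='; }

# Inverse of b64url: restore the standard alphabet and padding, then decode.
b64url_decode() {
  local s
  s=$(tr '_-' '/+')
  while [ $(( ${#s} % 4 )) -ne 0 ]; do s="${s}="; done
  printf '%s' "$s" | openssl base64 -d -A
}

# mint_jwt <private.pem> <json-payload>  ->  header.payload.signature
mint_jwt() {
  local key="$1" payload="$2" header='{"alg":"RS256","typ":"JWT"}' input sig
  input="$(printf '%s' "$header" | b64url).$(printf '%s' "$payload" | b64url)"
  sig=$(printf '%s' "$input" | openssl dgst -sha256 -sign "$key" -binary | b64url)
  printf '%s.%s' "$input" "$sig"
}

# verify_jwt <public.pem> <token>: status 0 only if the signature is valid.
# The algorithm is pinned to RS256 here, never read from the token header.
verify_jwt() {
  local pub="$1" token="$2" sigfile rc
  sigfile=$(mktemp)
  printf '%s' "${token##*.}" | b64url_decode > "$sigfile"
  printf '%s' "${token%.*}" | openssl dgst -sha256 -verify "$pub" \
    -signature "$sigfile" >/dev/null 2>&1
  rc=$?
  rm -f "$sigfile"
  return "$rc"
}

# Demo with a throwaway key pair (constructed, not a real hub key).
dir=$(mktemp -d)
openssl genrsa -out "$dir/private.pem" 2048 2>/dev/null
openssl rsa -in "$dir/private.pem" -pubout -out "$dir/public.pem" 2>/dev/null
token=$(mint_jwt "$dir/private.pem" '{"mercure":{"publish":["*"]}}')
if verify_jwt "$dir/public.pem" "$token"; then echo "valid: $token"; fi
rm -rf "$dir"
```

Only public.pem goes into the hub's key variable; the private key stays with the publisher that mints the token.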