0

I am trying to load an external .pem file to sign with JWT in node.js, but jwt.sign does not return anything. It seams that the .pem file is not loading correct.

Hoping that someone can help.

Here is the code:

function(properties, context) {

    const jwt = require('jsonwebtoken');
    const https = require('https');


        https.get(properties.privateKeyName, res => {
            // Initialise an array
            const bufs = [];

            // Add the data to the buffer collection
            res.on('data', function (chunk) {
                bufs.push(chunk)
            });

            // This signifies the end of a request
            res.on('end', function () {
                // We can join all of the 'chunks' of the file together
                const privateKey = Buffer.concat(bufs);

                const issuer = properties.issuer;
                const client_id = properties.client_id;
                const aud = 'https://revolut.com'; // Constant
                const payload = {
                  "iss": issuer,
                  "sub": client_id,
                  "aud": aud
                };

                const token = jwt.sign(payload, privateKey, { algorithm: 'RS256', expiresIn: 60 * 60});

                return {
                    'jwt_token': token,
                    'jwt_test': 'test',
                }


            });
        })

}
Rene Meldgaard
  • 1

1 Answers1

0

I believe for private key algorithm is not RS256. Its RSA or ECDSA.

Shihab
  • 2,641
  • 3
  • 21
  • 29
  • This is the docs, that I am following from Revolut: https://revolutdev.github.io/business-api/#setting-up-access-to-your-own-account It seams that algorithm must be RS256. – Rene Meldgaard Oct 28 '19 at 14:14
  • @ReneMeldgaard You are right. My bad. BTW, is your pem file hosted in another server? – Shihab Oct 28 '19 at 14:21
  • Yes it is. And that seams to be the issue. I can't store it local. – Rene Meldgaard Oct 28 '19 at 14:25
  • I would suggest you to write the Buffer in a file and verify the file. – Shihab Oct 28 '19 at 14:27
  • Ok, can I get you to share an example? :) – Rene Meldgaard Oct 28 '19 at 14:30
  • @ReneMeldgaard Do you mean you wanna share an example with me? – Shihab Oct 28 '19 at 14:32
  • No, I am hoping that you can share how to use Buffer with my code :) – Rene Meldgaard Oct 28 '19 at 14:36
  • What I would do is, `fs.writeFile('key.pem', privateKey)` to write the buffer in a file named key.pem and then check the file manually if the file is okay or not. This is not a solution, just to verify if the buffer is okay. – Shihab Oct 28 '19 at 14:41
  • I have a theory here. The `res` variable doesn't contain only privatekey dada but it also contains all the relevant http headers (ex: content-type) etc. So, your `privateKey` variable contains not only the private key but also all the http headers etc. That is way it mismatches. – Shihab Oct 28 '19 at 14:56
  • I could not get it to work, with an external file. My solution ended up being to use the content of the pem file direct. But thanks for your time :) – Rene Meldgaard Oct 28 '19 at 14:57
  • That might be a solution, let me try to find a way to extract the content of only the file. – Rene Meldgaard Oct 28 '19 at 15:04
  • You might try this way: https://stackoverflow.com/a/30939791/3858638 – Shihab Oct 28 '19 at 15:36
  • Still the same, it's still like the external file does not get read properly. I will just use the content of the file and not try to load it :) – Rene Meldgaard Oct 28 '19 at 15:51