Replies: 1 comment
-
|
Yeah, Hono's jwt middleware supports asymmetric keys (RS256, ES256, PS256, etc.), not just HMAC secrets. For public key validation, pass the PEM-encoded public key as the import { jwt } from 'hono/jwt'
app.use('/protected/*', jwt({
secret: `-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhki...
-----END PUBLIC KEY-----`,
alg: 'RS256'
}))Or with a CryptoKey: const publicKey = await crypto.subtle.importKey(
'spki',
keyBuffer,
{ name: 'RSASSA-PKCS1-v1_5', hash: 'SHA-256' },
true,
['verify']
)
app.use('/protected/*', jwt({ secret: publicKey, alg: 'RS256' }))The |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Looking at the docs for the jwt Middleware it appears it only supports jwt validation with a secret. Does it also support public key?
Beta Was this translation helpful? Give feedback.
All reactions