Closed
Description
The Firebase\JWT\JWK class checks if the JWK contains the "d" key to check for private keys (which are not supported). However, some vendors pass this key as null in the JWK even though it doesn't contain a private key. Now I have to unset those keys before passing the JWK to the parseKeySet function.
I would suggest checking if it's present and not null before throwing this exception.
if (\array_key_exists('d', $jwk)) {
throw new UnexpectedValueException('RSA private keys are not supported');
}to
if (!empty($jwk['d'])) {
throw new UnexpectedValueException('RSA private keys are not supported');
}in src/JWK.php:84
Metadata
Metadata
Assignees
Labels
No labels