bananaphone
Create ED25519 JWK & JWT, later extract Subject and Kid from JWT
I am trying to create a JWT using an existing ED25519 key, then later extract the subject from it, and the kid to verify it. Here is what I have so far:
def generate_my_jwk() do
raw_private_key =
Base.decode16!(Application.get_env(:balls_pds, :owner_private_key), case: :lower)
generate_jwk(raw_private_key)
end
def generate_jwk(raw_private_key) when is_binary(raw_private_key) do
public_key = :crypto.generate_key(:eddsa, :ed25519, raw_private_key) |> elem(0)
jwk = %{
"kty" => "OKP",
"alg" => "EdDSA",
"crv" => "Ed25519",
"d" => Base.url_encode64(raw_private_key, padding: false),
"x" => Base.url_encode64(public_key, padding: false),
"use" => "sig"
}
JOSE.JWK.from(jwk)
end
def generate_jwt(days \\ 30) when is_integer(days) and days > 0 do
jwk = generate_my_jwk()
signer = Joken.Signer.create("EdDSA", jwk)
id = Application.get_env(:balls_pds, :owner_ap_id)
claims = %{
"iss" => id,
"sub" => id,
"aud" => Application.get_env(:balls_pds, :owner_ap_id),
"iat" => DateTime.utc_now() |> DateTime.to_unix(),
"exp" => DateTime.utc_now() |> DateTime.add(30, :day) |> DateTime.to_unix()
}
Joken.generate_and_sign!(claims, signer)
end
defp get_kid(jwt) when is_binary(jwt) do
with {:kid, {:ok, %{"kid" => kid}}} <- {:kid, JOSE.JWT.peek_protected(jwt)} do
kid
else
_ -> nil
end
end
def extract_key_info(jwt) when is_binary(jwt) do
with {:subject, {:ok, %{"sub" => subject}}} <- {:subject, JOSE.JWT.peek_payload(jwt)},
{:kid, kid} <- {:kid, get_kid(jwt)} do
{:ok, %{subject: subject, id: kid}}
else
{err, {:error, error}} ->
Logger.error("extracting key info from JWT: #{err}: #{inspect(error)}")
{:error, error}
end
end
I created this through a combination of Internet searching, reading source code, trial and error, and asking an AI for help. However I only get this far:
% mix generate_token
** (FunctionClauseError) no function clause matching in JOSE.JWK.from_record/1
The following arguments were given to JOSE.JWK.from_record/1:
# 1
{:error, {:missing_required_keys, ["keys", "kty"]}}
Attempted function clauses (showing 2 out of 2):
def from_record({:jose_jwk, keys, kty, fields})
def from_record(list) when is_list(list)
(jose 1.11.10) lib/jose/jwk.ex:35: JOSE.JWK.from_record/1
(joken 2.6.2) lib/joken/signer.ex:107: Joken.Signer.create/3
(balls_pds 0.0.9) lib/balls_pds/jwt.ex:64: BallsPDS.JWT.generate_jwt/1
(balls_pds 0.0.9) lib/mix/tasks/generate_token.ex:5: Mix.Tasks.GenerateToken.run/1
(mix 1.17.3) lib/mix/task.ex:495: anonymous fn/3 in Mix.Task.run_task/5
(mix 1.17.3) lib/mix/cli.ex:96: Mix.CLI.run_task/2
/Users/user/.asdf/installs/elixir/1.17.3-otp-27/bin/mix:2: (file)
I could use any guidance for doing this properly, and hints of where to look to learn how to do this as I had trouble just finding information.
Marked As Solved
ruslandoga
![]()
I think the problem are these two lines
jwk = generate_my_jwk()
signer = Joken.Signer.create("EdDSA", jwk)
Joken.Signer.create/2 doesn’t expect JOSE.JWK.t() but rather a plain map with string keys, ["keys", "kty"] in particular.
This seems to work:
$ openssl genpkey -algorithm ed25519 > test_key.pem
$ cat test_key.pem
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIMAjXAcsE6G7AWpRQWK4eLnVRxakXforWuebGlRaGKgC
-----END PRIVATE KEY-----
Mix.install([:jose, :joken, :jason])
test_key = """
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIMAjXAcsE6G7AWpRQWK4eLnVRxakXforWuebGlRaGKgC
-----END PRIVATE KEY-----
"""
jwk = JOSE.JWK.from_pem(test_key)
{_, jwk_map} = JOSE.JWK.to_map(jwk)
Joken.Signer.create("EdDSA", jwk_map)
But I’ve never used Joken before and don’t actually know what it does ![]()
3
Popular in Questions
Hi All,
I set a environment variables in dev.exs , like below code.
when i start server, how can i set the ${enable} value?
thanks.
d...
New
How to bind a phoenix app to a specific ip address?
could not find anything about that, nowhere, unfortunately, but for me this is quite...
New
I will often find my self writing things similar to:
case some_value do
nil -> something()
"" -> something()
_ -> somethi...
New
If I have a post route which an argument:
post /my_post_route/:my_param1, MyController.my_post_handler
How would get the post params ...
New
Hi guys, i’m new in the Elixir world, and i have to say, that i love it!
i’m having some problem to understand anonymous functions with ...
New
Hello everybody,
usually, I use a 29" ultra-wide monitor for VSCode which can easily accomodate explorer (files panel) + file with code ...
New
I am VERY much an elixir newbie. I have taken one elixir course and one phoenix course on Udemy. During that course, I saw the instructor...
New
Hi everyone,
I was playing with phoenix liveView but I run into an issue. I have a form and want to validate each input text when the te...
New
In the Dialyzer docs ( dialyzer — OTP 29.0.2 (dialyzer 6.0.1) ), there is a way to turn off a specific warning for a function:
-dialyzer...
New
Is there a way to rollback a specific migration and only that one (“skipping” all the other ones)?
Would
mix ecto.rollback -v 200809061...
New
Other popular topics
Hi All,
I set a environment variables in dev.exs , like below code.
when i start server, how can i set the ${enable} value?
thanks.
d...
New
None of the current solutions worked well for me, so I went ahead and built a user management system from scratch.
This project took far...
New
Hi guys, i’m new in the Elixir world, and i have to say, that i love it!
i’m having some problem to understand anonymous functions with ...
New
I have a phoenix application from which a user can download multiple(5-6) files of size 1MB. I couldn’t find anything related to sending ...
New
I am trying to figure out how Mix knows whether the environment is test, dev, or prod – where is this set?
Thanks.
New
I’m not a pro in using Regex and can’t figure out why the following behaviour happens, especially if we take into account the difference ...
New
Original source of discussion: This topic on the Pragmatic Programmers’ Functional Web Development with Elixir, OTP, and Phoenix forum.
...
New
Hey,
Just curious what are the main benefits of Elixir compared to Clojure?
When is Elixir more useful than Clojure and vice versa?
Th...
New
I am going through the kafka architecture. All the features what the kafka is providing are already in Erlang. I would like hear your opi...
New
Hi there,
I am working with Ecto-Postgresql and I need to call all of the records from a specific table but the table has 40,000 records...
New
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance









