from JWK Parameters for Symmetric Keys
The k (key value) member contains the value of the symmetric (or other single-valued) key. It is represented as the base64url encoding of the octet sequence containing the key value.
JOSE adds that “k” field as a random string generated by: crypto:strong_rand_bytes(Size)
(In case of HS256
eventually it happens here)
you can try:
iex> {_, _, {_, key}, _} = :jose_jws_alg.generate_key({:oct, 32}, "HS256")
{:jose_jwk, :undefined,
{:jose_jwk_kty_oct,
<<228, 203, 21, 38, 196, 206, 135, 106, 22, 209, 53, 114, 53, 199, 255, 223,
52, 25, 242, 56, 5, 215, 65, 135, 13, 217, 14, 38, 235, 214, 135, 165>>},
iex> :jose_jwa_base64url.encode(key)
"5MsVJsTOh2oW0TVyNcf_3zQZ8jgF10GHDdkOJuvWh6U"
# which is basically the same as
iex> Base.url_encode64(key, padding: false)
"5MsVJsTOh2oW0TVyNcf_3zQZ8jgF10GHDdkOJuvWh6U"
So in bash probably something like
dd if=/dev/urandom bs=32 count=1 | base64 | sed 's/+/-/g; s/\//_/g; s/=//g'
Could generate you similarly random password to put into "k"
field of the map