MCPcopy
hub / github.com/nytimes/gizmo / NewPublicKeySetFromJSON

Function NewPublicKeySetFromJSON

auth/keys.go:127–161  ·  view source on GitHub ↗

NewPublicKeySetFromJSON will accept a JSON payload in the format of the JSONKeyResponse and parse it into a PublicKeySet.

(payload []byte, ttl time.Duration)

Source from the content-addressed store, hash-verified

125// NewPublicKeySetFromJSON will accept a JSON payload in the format of the
126// JSONKeyResponse and parse it into a PublicKeySet.
127func NewPublicKeySetFromJSON(payload []byte, ttl time.Duration) (PublicKeySet, error) {
128 var (
129 ks PublicKeySet
130 keys JSONKeyResponse
131 )
132 err := json.Unmarshal(payload, &keys)
133 if err != nil {
134 return ks, err
135 }
136
137 ks = PublicKeySet{
138 Expiry: TimeNow().Add(ttl),
139 Keys: map[string]*rsa.PublicKey{},
140 }
141
142 for _, key := range keys.Keys {
143 // we only plan on using RSA
144 if key.Use == "sig" && key.Kty == "RSA" {
145 n, err := base64.RawURLEncoding.DecodeString(key.N)
146 if err != nil {
147 return ks, err
148 }
149 e, err := base64.RawURLEncoding.DecodeString(key.E)
150 if err != nil {
151 return ks, err
152 }
153 ei := big.NewInt(0).SetBytes(e).Int64()
154 ks.Keys[key.Kid] = &rsa.PublicKey{
155 N: big.NewInt(0).SetBytes(n),
156 E: int(ei),
157 }
158 }
159 }
160 return ks, nil
161}
162
163// TimeNow is used internally to determine the current time. It has been abstracted to
164// this global function as a mechanism to help with testing.

Callers 2

NewPublicKeySetFromURLFunction · 0.85
TestResuseKeySourceFunction · 0.85

Calls

no outgoing calls

Tested by 1

TestResuseKeySourceFunction · 0.68

Used in the wild real call sites across dependent graphs

searching dependent graphs…