Copy link to clipboard
Copied
I'm trying to do the following:
secret_key = "sometihng"; web_token = CreateSignedJWT(payload_string, secret_key, hash_params );
And I receive error: signOptions type not supported, it has to be of type Key or KeyPair or Struct
Coldfusion's jwt documentation states the secret_key parameter should be a struct, which I understand. However, I'm unclear on how to use the secret key as a string without using the keystore, because if I use
key_options = { key = secret_key } web_token = CreateSignedJWT(payload_string, key_options, hash_params );
then I receive error Either the keystore path is invalid or corrupt or the keystore password is wrong.
The key itself is stored in an encrypted database column, so I want to pass a string version of it. How can I do this without the keystore?
Copy link to clipboard
Copied
In the second definition of web_token , the argument key_options is a struct. I think that that is the correct type, rather than string.
However, the struct should have, not one key, but three. Namely,
The documentation on CreateSignedJWT gives you the following example:
<cfset k=getKeyPairfromkeystore({
"keystore" : "test_jws1.keystore",
"keystorePassword": "****",
"keypairPassword": "****",
"keystoreAlias": "contentKey"
}) >
<cfset key_options=k.getPrivate()>