Key Management (JWK)

Search…
Keys As Services
When the component is installed, you will be able to define your keys in your application configuration and load your keys from several sources or formats. All these methods have the following option:
is_public: set the service public or private.
The key configuration will look like as follow:
1
jose: # Configuration of the JWT Framework
2
    keys: # Configuration of the keys
3
        key_name: # Unique key name
4
            method_name: # Name of the method
5
                ...
6
                is_public: true
Copied!
The key will be available as a container service with the ID jose.key.key_name where key_name is the unique name of your key. Each key service will be an instance of the Jose\Component\Core\JWK class.
As any other configuration values, you can use environment variables.
From A Shared Secret
This method will directly get a shared secret.
1
jose:
2
    keys:
3
        key_name:
4
            secret: # Method
5
                secret: 'This is my shared secret'
6
                additional_values:
7
                    use: 'sig'
8
                    alg: 'RS512'
Copied!
From A JWK Object
This method will directly load a JWK object.
1
jose:
2
    keys:
3
        key_name:
4
            jwk: # Method
5
                value: '{"kty":"oct","k":"dzI6nbW4OcNF-AtfxGAmuyz7IpHRudBI0WgGjZWgaRJt6prBn3DARXgUR8NVwKhfL43QBIU2Un3AvCGCHRgY4TbEqhOi8-i98xxmCggNjde4oaW6wkJ2NgM3Ss9SOX9zS3lcVzdCMdum-RwVJ301kbin4UtGztuzJBeg5oVN00MGxjC2xWwyI0tgXVs-zJs5WlafCuGfX1HrVkIf5bvpE0MQCSjdJpSeVao6-RSTYDajZf7T88a2eVjeW31mMAg-jzAWfUrii61T_bYPJFOXW8kkRWoa1InLRdG6bKB9wQs9-VdXZP60Q4Yuj_WZ-lO7qV9AEFrUkkjpaDgZT86w2g"}'
Copied!
From A X509 Certificate File
This method will load a X509 Certificate file.
1
jose:
2
    keys:
3
        key_name:
4
            certificate: # Method
5
                path: '/path/to/your/X509/certificate'
6
                additional_values: # Optional values
7
                    use: 'sig'
8
                    alg: 'RS256'
Copied!
From A X509 Certificate
This method will load a key from a X509 Certificate.
1
jose:
2
    keys:
3
        key_name:
4
            x5c: # Method
5
                value: '-----BEGIN CERTIFICATE----- ....'
6
                additional_values: # Optional values.
7
                    use: 'sig'
8
                    alg: 'RS256'
Copied!
From A PKCS#1/PKCS#8 Key File
This method will load a key from a PKCS#1 or PKCS#8 key file.
1
jose:
2
    keys:
3
        key_name:
4
            file: # Method
5
                path: '/path/to/your/key/file'
6
                password: 'secret' # Optional. Only if the key is encrypted
7
                additional_values: # Optional values.
8
                    use: 'sig'
9
                    alg: 'RS256'
Copied!
From A Key In A Key Set
This method will retrieve a key from a JWKSet service.
1
jose:
2
    keys:
3
        key_name:
4
            jwkset: # Method
5
                key_set: 'jose.key_set.my_key_set' # JWKSet service
6
                index: 0 # Use key at index 0
Copied!
Custom Tags
You can add custom tags and attributes to the services you create.
1
jose:
2
    jwe:
3
        key_name:
4
            jwk: # Method
5
                value: '{"kty":"oct","k":"dzI6nbW4OcNF-AtfxGAmuyz7IpHRudBI0WgGjZWgaRJt6prBn3DARXgUR8NVwKhfL43QBIU2Un3AvCGCHRgY4TbEqhOi8-i98xxmCggNjde4oaW6wkJ2NgM3Ss9SOX9zS3lcVzdCMdum-RwVJ301kbin4UtGztuzJBeg5oVN00MGxjC2xWwyI0tgXVs-zJs5WlafCuGfX1HrVkIf5bvpE0MQCSjdJpSeVao6-RSTYDajZf7T88a2eVjeW31mMAg-jzAWfUrii61T_bYPJFOXW8kkRWoa1InLRdG6bKB9wQs9-VdXZP60Q4Yuj_WZ-lO7qV9AEFrUkkjpaDgZT86w2g"}'
6
                tags:
7
                    tag_name1: ~
8
                    tag_name2: {attribute1: 'foo'}
Copied!
The Symfony Bundle - Previous
Key and Key Set Management
Key Set Management (JWKSet)
Last modified 2yr ago
Copy link
Contents
Keys As Services
From A Shared Secret
From A JWK Object
From A X509 Certificate File
From A X509 Certificate
From A PKCS#1/PKCS#8 Key File
From A Key In A Key Set
Custom Tags