When the component is installed, you will be able to define your keys in your application configuration and load your keys from several sources or formats. All these methods have the following option:
is_public
: set the service public or private.
The key configuration will look like as follow:
jose: # Configuration of the JWT Frameworkkeys: # Configuration of the keyskey_name: # Unique key namemethod_name: # Name of the method...is_public: true
The key will be available as a container service with the ID jose.key.key_name
where key_name
is the unique name of your key. Each key service will be an instance of the Jose\Component\Core\JWK
class.
As any other configuration values, you can use environment variables.
This method will directly get a shared secret.
jose:keys:key_name:secret: # Methodsecret: 'This is my shared secret'additional_values:use: 'sig'alg: 'RS512'
This method will directly load a JWK object.
jose:keys:key_name:jwk: # Methodvalue: '{"kty":"oct","k":"dzI6nbW4OcNF-AtfxGAmuyz7IpHRudBI0WgGjZWgaRJt6prBn3DARXgUR8NVwKhfL43QBIU2Un3AvCGCHRgY4TbEqhOi8-i98xxmCggNjde4oaW6wkJ2NgM3Ss9SOX9zS3lcVzdCMdum-RwVJ301kbin4UtGztuzJBeg5oVN00MGxjC2xWwyI0tgXVs-zJs5WlafCuGfX1HrVkIf5bvpE0MQCSjdJpSeVao6-RSTYDajZf7T88a2eVjeW31mMAg-jzAWfUrii61T_bYPJFOXW8kkRWoa1InLRdG6bKB9wQs9-VdXZP60Q4Yuj_WZ-lO7qV9AEFrUkkjpaDgZT86w2g"}'
This method will load a X509 Certificate file.
jose:keys:key_name:certificate: # Methodpath: '/path/to/your/X509/certificate'additional_values: # Optional valuesuse: 'sig'alg: 'RS256'
This method will load a key from a X509 Certificate.
jose:keys:key_name:x5c: # Methodvalue: '-----BEGIN CERTIFICATE----- ....'additional_values: # Optional values.use: 'sig'alg: 'RS256'
This method will load a key from a PKCS#1 or PKCS#8 key file.
jose:keys:key_name:file: # Methodpath: '/path/to/your/key/file'password: 'secret' # Optional. Only if the key is encryptedadditional_values: # Optional values.use: 'sig'alg: 'RS256'
This method will retrieve a key from a JWKSet service.
jose:keys:key_name:jwkset: # Methodkey_set: 'jose.key_set.my_key_set' # JWKSet serviceindex: 0 # Use key at index 0
You can add custom tags and attributes to the services you create.
jose:jwe:key_name:jwk: # Methodvalue: '{"kty":"oct","k":"dzI6nbW4OcNF-AtfxGAmuyz7IpHRudBI0WgGjZWgaRJt6prBn3DARXgUR8NVwKhfL43QBIU2Un3AvCGCHRgY4TbEqhOi8-i98xxmCggNjde4oaW6wkJ2NgM3Ss9SOX9zS3lcVzdCMdum-RwVJ301kbin4UtGztuzJBeg5oVN00MGxjC2xWwyI0tgXVs-zJs5WlafCuGfX1HrVkIf5bvpE0MQCSjdJpSeVao6-RSTYDajZf7T88a2eVjeW31mMAg-jzAWfUrii61T_bYPJFOXW8kkRWoa1InLRdG6bKB9wQs9-VdXZP60Q4Yuj_WZ-lO7qV9AEFrUkkjpaDgZT86w2g"}'tags:tag_name1: ~tag_name2: {attribute1: 'foo'}