This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2021-09-20
Channels
- # announcements (16)
- # aws (1)
- # babashka (24)
- # beginners (54)
- # calva (25)
- # cider (4)
- # cljs-dev (2)
- # clojure (16)
- # clojure-dev (39)
- # clojure-europe (18)
- # clojure-nl (1)
- # clojure-uk (4)
- # clojurescript (66)
- # core-async (16)
- # cursive (13)
- # datomic (15)
- # deps-new (1)
- # duct (22)
- # fulcro (20)
- # jobs-discuss (1)
- # kaocha (3)
- # lsp (11)
- # malli (8)
- # off-topic (38)
- # other-languages (18)
- # polylith (18)
- # portal (15)
- # react (2)
- # reagent (9)
- # reitit (7)
- # releases (10)
- # reveal (1)
- # sci (13)
- # shadow-cljs (3)
- # specter (4)
- # sql (4)
- # xtdb (16)
I am using Cognito to generate user id_tokens
I would like to be able to hand-create my own id_token,
with the public bit of the signing key available at
So I need to either
i) access the Signing Key that Cognito is using to sign its tokens
OR
ii) create my own signing key , and poke the public bit ito ~/.well-known/jwks.json
I was just having a go at i), and I thought that https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetSigningCertificate.html looked promising,
but then I released that I didn't known what to do with it ...
(->
(->>
{:op :GetSigningCertificate :request {:UserPoolId "eu-west-2_*****"}}
(aws/invoke (aws/client {:api :cognito-idp :region :eu-west-2}))
(:Certificate)
(.decode (java.util.Base64/getDecoder)))
(String. "ISO-8859-1"))
returns garbage
How would you go about signing your own JWTs and making the verification key available?