Expand description
Sign ES384 JWTs and publish the matching JWKS document.
JwtAuthority is the main entry point when you need to:
- sign JWTs with an ES384 private key
- publish the corresponding public key as a JWKS document
It composes JsonWebToken and JwksProvider from a single pair of
PEM-encoded key bytes, ensuring the kid is always consistent between the
signing header and the published JWKS document.
§Example
use webgates_codecs::jwt::authority::JwtAuthority;
use webgates_codecs::jwt::JwtClaims;
use webgates_codecs::jsonwebtoken::crypto::rust_crypto::DEFAULT_PROVIDER as JWT_CRYPTO_PROVIDER;
let _ = JWT_CRYPTO_PROVIDER.install_default();
let authority = JwtAuthority::<JwtClaims<()>>::from_es384_pem(PRIVATE_PEM, PUBLIC_PEM)
.expect("valid ES384 key pair");
// The kid is stable and shared between the codec and the JWKS provider.
assert_eq!(authority.key_id(), authority.jwks_provider().key_id().unwrap());Structs§
- JwtAuthority
- Authority bundle that owns an ES384 signing codec and a JWKS provider.