tolitius · March 30, 2020 23:23
diff --git a/jwks-repl.clj b/jwks-repl.clj
 (require '[jsonista.core :as json]
         '[org.httpkit.client :as http]
         '[buddy.core.keys :as keys]
         '[buddy.sign.jwt :as jwt])

 (def mapper (json/object-mapper {:decode-key-fn keyword}))

 ;; if done fo real => check for http/get error
 (defn jwks->pubkey [jwks-url]
  (-> @(http/get jwks-url)
      :body
      (json/read-value mapper)
      :keys
      first
      keys/jwk->public-key))

 (defn validate-token [pkey token claims]
  (try
    (jwt/unsign token pkey claims)
    (catch Throwable t
      {:error   true
       :details (ex-data t)})))

 (def token "eyJhbG.....")

 (-> (jwks->pubkey "https://YOUR_DOMAIN/.well-known/jwks.json")
    (validate-token token {:alg :rs256}))

 ;; => {:scope ["app:area:read"],
 ;;     :client_id "gitpod",
 ;;     :iss "https://YOUR_DOMAIN",
 ;;     :exp 1585616824}
	(require '[jsonista.core :as json]
	'[org.httpkit.client :as http]
	'[buddy.core.keys :as keys]
	'[buddy.sign.jwt :as jwt])

	(def mapper (json/object-mapper {:decode-key-fn keyword}))

	;; if done fo real => check for http/get error
	(defn jwks->pubkey [jwks-url]
	(-> @(http/get jwks-url)
	:body
	(json/read-value mapper)
	:keys
	first
	keys/jwk->public-key))

	(defn validate-token [pkey token claims]
	(try
	(jwt/unsign token pkey claims)
	(catch Throwable t
	{:error true
	:details (ex-data t)})))

	(def token "eyJhbG.....")

	(-> (jwks->pubkey "https://YOUR_DOMAIN/.well-known/jwks.json")
	(validate-token token {:alg :rs256}))

	;; => {:scope ["app:area:read"],
	;; :client_id "gitpod",
	;; :iss "https://YOUR_DOMAIN",
	;; :exp 1585616824}