JWK to RSAPublicKey ignore additional parameters

[dj-neza]

I get JWK from Auth0 JWKSet and transform it to Data object, but when I try to get RSAPublicKey with the data, it throws the following error:

Thread 1: Fatal error: 'try!' expression unexpectedly raised an error: Swift.DecodingError.typeMismatch(Swift.String, Swift.DecodingError.Context(codingPath: [JWKParameter(stringValue: "x5c", intValue: nil)], debugDescription: "Expected to decode String but found an array instead.", underlyingError: nil))

The problem appears to be "x5c" parameter which has its value in brackets ("x5c": [...]). Since I am getting keys directly from endpoint, the only way to solve this seems to be manually removing the brackets, but since I don't really need "x5c" parameter right now it makes me wonder if there is a way to ignore some parameters?

[dj-neza]

After further research, this seems to be a bug so you might consider updating the library for this. This is how JWT Handbook describes the "x5c" parameter: "a Base64-URL encoded X.509 DER certificate or certificate chain. A certificate chain is represented as an ARRAY of such certificates...".

[ghost]

Hi @dj-neza,

thanks for trying out JOSESwift.

Yes, you're right that looks like a bug. 🐞
JWK parameters are currently expected to be of type String which is wrong as you pointed out. 👍

We'll try to get that fixed soon. Thanks for reaching out!

[xavierLowmiller]

Are there any known workarounds for this? I'm having this issue, too...

[ghost]

Hi @xaverlohmueller, 👋

A workaround would be to not throw an error here or to try to decode an array of String if decoding String alone does not work.

Unfortunately, we're quite low on resources until the end of October. I'll do my best to provide at least a workaround for this issue in November. Sorry, for that delay. If anyone has time earlier, I'd also be happy to review and merge a pull request addressing this issue.

[xavierLowmiller]

Thanks for your response!

I might find some time to make a PR for this.

[ghost]

Hey all 👋

with the help of @xaverlohmueller we just released 1.3.1 which includes a workaround for your issues: Ignoring all non-string JWK parameters.

If you use JOSESwift via CocoaPods, make sure to run pod repo update to get the newest version.

Keep an eye on #117 for a final solution to this problem. Any input there is highly appreciated.

---

Update: There seems to be an issue with CocoaPods right now that prevents the newest release from being pushed to the pod trunk. I'll keep you posted when the release is live. In the mean time you can use the master branch to get the workaround. The release went through, everything should work now. 👍