Providing functions for parsing JWK from a File or URL #52
Description
Is your feature request related to a problem? Please describe.
So currently the library does not provide a way for parsing JWK from URLs as is often necessary when working with some libraries, I had this requirement using auth0 and ory/hydra but this is a common pattern so I am sure this would be a useful feature.
Describe the solution you'd like
So I was thinking of an elegant solution that would be concise and type-safe for the user, an example of what I mean is as follows:
var keys []*rsa.PublicKey
err := jwt.GetKeysFromURL(someURL, &keys)
if err != nil {
log.Fatalf("unable to get keys from URL %s, reason: %s", someURL, err)
}
fmt.Println("number of loaded keys:", len(keys))And for files:
var keys []*rsa.PublicKey
err := jwt.GetKeysFromURL(filePath, &keys)
if err != nil {
log.Fatalf("unable to get keys from file %s, reason: %s", filePath, err)
}
fmt.Println("number of loaded keys:", len(keys))The idea is that the user would be able to pass a list of any type of key he wants and we would parse the JSON from the URL or File and then type-assert the input list to see if it matches what we expect, if yes we fill it, if not we return an error.
I believe it would be possible to implement this without using any reflection, we would probably just need a switch input.(type) {...} construct to handle the different inputs, and I would be glad to make a PR if you like the idea.
Describe alternatives you've considered
I've solved this problem when working with github.com/lestrrat-go/jwx, but I didn't like the way that library does it, it converts the keys into an internal representation and forces the user to iterate over all the keys and manually convert them to the desired type.
I have also considered implementing it myself using this example I found online specific for RSA keys:
https://stackoverflow.com/a/66739021/2905274
But this is a complex function and I don't want to replicate it on all my microservices if I can avoid it.
So what do you think?