Verify JWT token using public key


#1

How to verify a jwt token using a public key? The authorization server is a spring boot implementation and it mints jwt key by signing with a private key. How do I verify the minted jwt key using the public key in echo?


#2

Assuming the key is RSA, all you need is https://golang.org/pkg/crypto/x509/#ParsePKCS1PublicKey . That will return a *rsa.PublicKey which you can give pass it as JWTConfig.SigningKey.

Here’s a more complete example: https://stackoverflow.com/questions/44230634/how-to-read-an-rsa-key-from-file/44231740 (that’s for a private key, but it’s similar for public).

Hope it helps!
Alex