const express = require('../../shared/express');
const settings = require('../../shared/settings-cache');
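/**
 * Builds the Express sub-app that publishes the site's public signing key
 * as a JSON Web Key Set at GET /jwks.json.
 *
 * @returns {Object} the app created by `express('well-known')` with the
 *     /jwks.json route registered
 */
module.exports = function setupWellKnownApp() {
    const wellKnownApp = express('well-known');

    const jose = require('node-jose');

    // SECURITY: this PEM is the private signing key. It is only handed to the
    // key store below; it must never be logged or written to a response.
    const dangerousPrivateKey = settings.get('ghost_private_key');
    const keyStore = jose.JWK.createKeyStore();

    // The import is started once, at setup time; every request awaits this
    // same promise instead of re-parsing the PEM.
    // NOTE(review): if the import rejects before any request awaits it, the
    // rejection has no handler yet - confirm how the process treats that.
    const keyStoreReady = keyStore.add(dangerousPrivateKey, 'pem');

    /**
     * Resolves to the key store's JSON export once the key has been imported.
     *
     * @returns {Promise<Object>} object with a `keys` array
     */
    const getSafePublicJWKS = async () => {
        await keyStoreReady;
        // toJSON() is deliberately called without arguments: node-jose then
        // exports public members only. Passing `true` would include the
        // private ones.
        return keyStore.toJSON();
    };

    wellKnownApp.get('/jwks.json', async (req, res, next) => {
        try {
            const jwks = await getSafePublicJWKS();

            // The store currently holds a single key, which is used for
            // signing, so every published key is labelled "use": "sig".
            //
            // The explicit field list is an allowlist: only the public RSA
            // members (e, n) plus kid/kty are copied, so private members can
            // not reach the response even if the store's export ever changes.
            const keys = jwks.keys.map(key => ({
                e: key.e,
                kid: key.kid,
                kty: key.kty,
                n: key.n,
                use: 'sig'
            }));

            res.json({keys});
        } catch (err) {
            // A rejected async handler is not picked up by Express on its own
            // (at least in Express 4), which would leave the request hanging
            // when the key is missing or malformed. Hand the error to the
            // app's error middleware instead of serialising it here.
            next(err);
        }
    });

    return wellKnownApp;
};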