Versions Compared

Old Version 3

changes.mady.by.user Nicolai Gjøderum

Saved on

compared with

New Version 4

changes.mady.by.user Nicolai Gjøderum

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
eyJhbGciOiJSUzI1NiIsImtpZCIgOiAicnFqZ0xJRHpWZzhDWXdmVFlwaDAwSj
RZTHI2Y1hRVk83V1hLdHc3c1k2dyJ9.eyJleHAiOjE2Mzg4Nzk5MDcsIm5iZiI
6MTYzODg3OTg5NywiaWF0IjoxNjM4ODc5ODk3LCJqdGkiOiJiMTBjNWFmYi03M
GZkLTQ2NGYtODc3Yy1kYWJiNzMzYTQwMjgiLCJpc3MiOiJlb2oiLCJhdWQiOiJ
odHRwczovL3NhbWwudGVzdDAwMS5laGVhbHRoLnN1bmRoZWQuZGsvYXV0aC9yZ
WFsbXMvZWhlYWx0aCIsInN1YiI6ImVvaiJ9.SNwkVzMn1JhPPbAfT-4qym8OFS
3pebm3OWqfHc4YwNYAGSV6ih0mqKJtq6kmzATDWeyGEJRrhlM-6I5CV8bH77uZ
UyPPBdamUpdtSOTvQGUDxxiIJFwzqVHF77TICjqc5_8n-g2drn27J9D7cwYRXy
wFBDVPlqqZaWCoHipOoF0FSqMmOWvWHG152-jmeMX2GQxjRnfRd3xV0rcGZc2p
mTzYvv4b9KHOSoVmnuXmh3MSMhQo9D8WtUCxakCIyKGEDtmQ4zi-5NSpJdcejf
gii-g-XPhA8i4bZ7xc56_XhYQWs15JfyqV-wAnsnU-HQhQuiSO1rHLWYjk5B2q
2d0W8g

...

Obtaining the kid from a Public key

Obtaining the kid from a Public key is done in 3 steps. This is demonstrated with the following example, given a Public key:

Code Block
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMADQev3CyPA12qOW0z2
I9LtqqCX+s6fpIjmfatIDqv2Hn0ohXZYRnbjo2gCjM3DtMZ+076Smdt/DVf0rzzT
rEO835hyVtH7yZBQL8NMyZm0UzzYocjF3Y/dc+zOcyjwTK0rYt4RbS70n9yJhl4f
pv5BMOoRQbVrSwpWYK/uhw3AAuiIWSNchN4it0K3ZO0EHvUw7RNGgGVW7vBGJuDy
Fh7DM7zr61tAmC5CJruYz4RMTTIFmQ2trP2rSIerLJJmrV0DGhx2Ku6jKGrsErR+
6hT6AYFQcEKOQDuyrMyY1+hZruQs53vkPRYH88ByuExTCkDiQOskvuP+cbx+6SHs
awIDAQAB
-----END PUBLIC KEY-----

Step 1. Getting the encoded bytes.

The encoded bytes are obtained by removing the tags -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY-----, and all line separators. Then Base64 decode the resulting line as bytes. The hex representation of this applied to above Public key is:

Code Block
30820122300d06092a864886f70d01010105000382010f003082010a02820101009
0c00341ebf70b23c0d76a8e5b4cf623d2edaaa097face9fa488e67dab480eabf61e
7d288576584676e3a368028ccdc3b4c67ed3be9299db7f0d57f4af3cd3ac43bcdf9
87256d1fbc990502fc34cc999b4533cd8a1c8c5dd8fdd73ecce7328f04cad2b62de
116d2ef49fdc89865e1fa6fe4130ea1141b56b4b0a5660afee870dc002e88859235
c84de22b742b764ed041ef530ed1346806556eef04626e0f2161ec333bcebeb5b40
982e4226bb98cf844c4d3205990dadacfdab4887ab2c9266ad5d031a1c762aeea32
86aec12b47eea14fa01815070428e403bb2accc98d7e859aee42ce77be43d1607f3
c072b84c530a40e240eb24bee3fe71bc7ee921ec6b0203010001

NOTE: line breaks are added for readability.

Step 2. Getting the SHA256 digest.

Apply the SHA256 algorithm to the bytes obtained in step 1 (not the hex string). In this example, the hex representation of the resulting bytes is:

Code Block
aea8e02c80f3560f026307d3629874d09e182ebe9c5d054eed65cab70eec63ac

Step 3. Encoding the digest.

The last step is to apply base64url encoding to the bytes obtained in step 2. The final result is then:

Code Block
rqjgLIDzVg8CYwfTYph00J4YLr6cXQVO7WXKtw7sY6w

Requesting Access token with Token Exchange

...