Created
April 15, 2019 12:57
Example of how to convert Azure AD B2C key info to PEM format
<?php | |
// composer require phpseclib/phpseclib | |
require_once('vendor/autoload.php'); | |
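// Tenant and user-flow (policy) names select which B2C key set is fetched.
$tenant = 'cosmocode';
$policy = 'b2c_1_signupandsignin';

// The signing keys are published as a JWK set. The only thing vouching for the
// keys read here is the HTTPS connection to the issuer's host, so the URL must
// stay https:// and must be built from configuration, never from token contents.
$jwksUrl = "https://$tenant.b2clogin.com/$tenant.onmicrosoft.com/$policy/discovery/v2.0/keys";
$json = file_get_contents($jwksUrl);
if ($json === false) {
    // Fail closed: without the key set there is nothing to verify a token against.
    throw new RuntimeException("Could not fetch the key set from $jwksUrl");
}

$data = json_decode($json, true);
if (!is_array($data) || !isset($data['keys']) || !is_array($data['keys']) || !isset($data['keys'][0])) {
    throw new RuntimeException('Key set response is not a JSON object with a non-empty "keys" array');
}

// FIXME: this takes the first published key. A key set may list several keys,
// so a verifier has to pick the entry whose "kid" equals the "kid" in the
// token header and reject the token when no entry matches.
$keydata = $data['keys'][0];
if (!is_array($keydata) || !isset($keydata['n'], $keydata['e'])) {
    throw new RuntimeException('Selected key has no RSA modulus ("n") and public exponent ("e")');
}
if (isset($keydata['kty']) && $keydata['kty'] !== 'RSA') {
    // Only RSA parameters can be loaded below; refuse anything that says otherwise.
    throw new RuntimeException('Selected key is not an RSA key');
}

// "n" and "e" are base64url-encoded big-endian byte strings; base 256 tells
// BigInteger to read them as raw bytes.
$rsa = new phpseclib\Crypt\RSA();
$loaded = $rsa->loadKey(
    array(
        'e' => new phpseclib\Math\BigInteger(urlsafeB64Decode($keydata['e']), 256),
        'n' => new phpseclib\Math\BigInteger(urlsafeB64Decode($keydata['n']), 256),
    )
);
if ($loaded === false) {
    throw new RuntimeException('phpseclib rejected the RSA key parameters');
}

// Print the public key as exported by phpseclib. When this key is handed to a
// JWT verifier, fix the accepted signature algorithm in the verifier instead of
// taking it from the token header.
var_dump($rsa->getPublicKey());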
// @FIXME use the function from a JWT library | |
/**
 * Decode a base64url string (alphabet with "-" and "_", padding optional).
 *
 * The input is padded with "=" up to a multiple of four characters, the two
 * URL-safe characters are mapped back to "+" and "/", and the result is passed
 * to base64_decode().
 *
 * base64_decode() is called without its strict flag, so characters outside the
 * base64 alphabet are skipped rather than rejected. Callers that decode key
 * material should validate the result themselves.
 *
 * @param string $input base64url text, with or without trailing padding
 * @return string|false the decoded bytes, as returned by base64_decode()
 */
function urlsafeB64Decode($input)
{
    // 0 when the length is already a multiple of four, else the count of "=" needed.
    $missing = (4 - strlen($input) % 4) % 4;
    $standard = strtr($input, '-_', '+/') . str_repeat('=', $missing);

    return base64_decode($standard);
}