Functions/Get-JwtKeyIdentifier.ps1
function Get-JwtKeyIdentifier {
    <#
    .SYNOPSIS
        Derives a JWT key identifier (kid) from an X509 certificate.
    .DESCRIPTION
        Takes the hash returned by the certificate's GetCertHash() method and
        returns it as a base64 URL encoded string, suitable for the kid
        parameter of a JWT header.
    .PARAMETER Certificate
        The certificate whose hash becomes the key identifier. Accepted from the
        pipeline, by position, or by property name (alias: Cert).
    .EXAMPLE
        $cert = Get-PfxCertificate -FilePath ./mycert.pfx
        $keyIdentifier = $cert | Get-JwtKeyIdentifier
        $jwtHeader = [ordered]@{typ="JWT";alg="RS256";kid=$keyIdentifier} | ConvertTo-JwtPart

        Reads the certificate from mycert.pfx, derives its key identifier, and
        builds a JWT header whose kid property carries that value.
    .INPUTS
        System.Security.Cryptography.X509Certificates.X509Certificate2
    .OUTPUTS
        System.String
    .NOTES
        The parameterless GetCertHash() overload yields the certificate's SHA-1
        thumbprint, so the result identifies the certificate but is not a
        security control in itself. RFC 7515 defines kid as a hint about which
        key secured the token: a verifier should use it only to select a key
        from its own trusted key set, and should reject tokens whose kid does
        not match a key it already trusts.
    .LINK
        https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4
    .LINK
        ConvertTo-JwtPart
    .LINK
        Get-Item
    #>
    [CmdletBinding()]
    [Alias('gjwtkid')]
    [OutputType([System.String])]
    param (
        [Parameter(
            Mandatory = $true,
            ValueFromPipeline = $true,
            ValueFromPipelineByPropertyName = $true,
            Position = 0
        )]
        [Alias('Cert')]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )

    process {
        # Raw certificate hash bytes (the thumbprint in binary form).
        $thumbprintBytes = $Certificate.GetCertHash()

        # The [string] constraint keeps the output a single string, as declared in OutputType.
        [string]$encodedThumbprint = ConvertTo-Base64UrlEncodedString -Bytes $thumbprintBytes

        $encodedThumbprint
    }
}