[keycloak-user] CEK key for alg:dir
Tim Rademacher
t.rademacher at gmx.de
Tue Nov 6 07:20:35 EST 2018
Hi all,
I am somewhat struggling with Keycloak (Version 4.5.0) and I would like to
view the data return from an authorization request. I retrieve the token and
would like to look into it.
I see, there are 5 parts:
1. Header
2. CEK
3. Init Vector
4. Content (encrypted)
5. Auth Tag
The header mentions the Algorithm to be DIR and the Encryption Algorithm tob
e A128CBC-HS256.
The RFC7518 says, that DIR means "Direct use of a shared symmetric key as
the CEK".
So I wonder, how would the shared key come to the client to decrypt the
content?
How would I be able to decrypt the token (where would I get the token from)?
Thank you very much!
Tim
More information about the keycloak-user
mailing list