Helpers for DPoP signing keys.
Production clients should persist their DPoP key when they need stable sender binding across process restarts.
Summary
Functions
Exports the private JWK as a map.
Generates a private signing key for :es256 or :rs256.
Returns the underlying JOSE.JWK.
Loads a ReqDPoP.Key from a key struct, JOSE.JWK, or JWK map.
Exports the public JWK as a map.
Returns the RFC 7638 SHA-256 JWK thumbprint, base64url unpadded.
Types
@type alg() :: :es256 | :rs256
@type t() :: %ReqDPoP.Key{alg: alg() | nil, jwk: JOSE.JWK.t()}
Functions
Exports the private JWK as a map.
Generates a private signing key for :es256 or :rs256.
@spec jose_jwk(t()) :: JOSE.JWK.t()
Returns the underlying JOSE.JWK.
@spec load!(t() | JOSE.JWK.t() | map()) :: t()
Loads a ReqDPoP.Key from a key struct, JOSE.JWK, or JWK map.
Exports the public JWK as a map.
@spec thumbprint(t() | JOSE.JWK.t() | map()) :: binary()
Returns the RFC 7638 SHA-256 JWK thumbprint, base64url unpadded.