fix: keystore.toJWKS(true) does not throw on public keys

closes #42
panva · Sep 16, 2019 · 81abdfa · 81abdfa
1 parent 8c47ca7
commit 81abdfa
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 5 deletions.
diff --git a/docs/README.md b/docs/README.md
@@ -681,7 +681,7 @@ Synchronous version of `keystore.generate()`.
 
 Exports the keystore to a JSON Web Key Set formatted object.
 
-- `private`: `<boolean>` When true exports keys with their private components. **Default:** 'false'
+- `private`: `<boolean>` When true exports private keys with their private components. **Default:** 'false'
 - Returns: `<Object>`
 
 ---

diff --git a/lib/jwks/keystore.js b/lib/jwks/keystore.js
@@ -136,7 +136,11 @@ class KeyStore {
  }
 
  toJWKS (priv = false) {
- return { keys: [...i(this).keys.values()].map(key => key.toJWK(priv)) }
+ return {
+ keys: [...i(this).keys.values()].map(
+ key => key.toJWK(priv && (key.private || (key.secret && key.k)))
+ )
+ }
  }
 
  async generate (...args) {

diff --git a/test/cookbook/jwk.test.js b/test/cookbook/jwk.test.js
@@ -121,7 +121,5 @@ test('keystore .toJWKS()', t => {
  t.deepEqual(ks.toJWKS(), { keys: [pubEc, pubRsa, pubOct] })
  t.deepEqual(ks.toJWKS(false), { keys: [pubEc, pubRsa, pubOct] })
  ks.add(asKey(pubRsa))
- t.throws(() => {
- ks.toJWKS(true)
- }, { instanceOf: TypeError, message: 'public key cannot be exported as private' })
+ t.deepEqual(ks.toJWKS(true), { keys: [ec, rsa, oct, pubRsa] })
 })