A microservice for managing JSON Web Keys (JWKs). This service provides an API for generating and storing keys used for signing and verifying JWTs (JSON Web Tokens). Keys are stored in PostgreSQL, and the service supports hot reload for development convenience.
- Generate RSA, EC, and Ed25519 keys.
- Store keys in PostgreSQL.
- API for retrieving public keys in JWK format.
- Automatic OpenAPI documentation generation.
- Interactive documentation via Swagger UI.
- Soft deletion of keys.
- Expiration of private keys and entire keys.
- Docker
- Docker Compose
- Rust (optional, for local development)
git clone https://github.com/filipov-dev/jwks-service-app.git
cd jwks-service-appCreate a .env file in the project root and add the following variables:
DATABASE_URL=postgres://user:password@db:5432/jwk_db
PRIVATE_KEY_EXPIRATION_SECONDS=86400 # 1 day (in seconds)
KEY_EXPIRATION_SECONDS=172800 # 2 days (in seconds)
Navigate to the deployments/dev directory and start the project using Docker Compose:
cd deployments/dev
docker-compose up --buildThis command will:
- Build the Docker image for development.
- Start containers for PostgreSQL and your application.
- The application will be available at
http://localhost:8080. - Swagger UI will be available at
http://localhost:8081.
-
Send a POST request to create a JWK:
curl -X POST -H "Content-Type: application/json" -d '{"alg": "RS256"}' http://localhost:8080/jwks
-
Send a GET request to retrieve JWKs:
curl http://localhost:8080/.well-known/jwks.json
-
Open Swagger UI in your browser:
http://localhost:8081.
To stop the containers, run:
docker-compose downIf you prefer to develop locally, follow these steps:
-
Install Rust:
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
-
Install
cargo-watchfor hot reload:cargo install cargo-watch
-
Install PostgreSQL and create a database:
sudo apt-get install postgresql sudo -u postgres psql -c "CREATE DATABASE jwk_db;" sudo -u postgres psql -c "CREATE USER user WITH PASSWORD 'password';" sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE jwk_db TO user;"
-
Run the application:
cargo watch -x run
To run the tests and check coverage:
cargo test
cargo tarpaulin --ignore-testssrc/— Application source code.tests/— Integration tests.deployments/dev/— Configuration for dev mode (Dockerfile, docker-compose.yml)..env— Environment variables file.
This project is licensed under the MIT License. See the LICENSE file for details.