Testing with JOSE (PS256 signing not working)

lib/yandex_translate.ex

@@ -1,2 +1,41 @@
 defmodule YandexTranslate do
+  @iam_token_url "https://iam.api.cloud.yandex.net/iam/v1/tokens"
+
+  def get_key(type, key \\ Application.get_env(:yandex_translate, :private_key))
+
+  def get_key(:public, key),
+    do: get_key(:private, key) |> JOSE.JWK.to_public()
+
+  def get_key(:private, key),
+    do: fetch_key(key)
+
+  defp fetch_key("-----BEGIN" <> _ = key_content), do: JOSE.JWK.from_pem(key_content)
+
+  defp fetch_key(key_file), do: JOSE.JWK.from_pem_file(key_file)
+
+  def get_iam_token(),
+    do: Application.get_all_env(:yandex_translate) |> Map.new() |> get_iam_token()
+
+  def get_iam_token(%{service_account_id: iss, private_key: private_key, authorized_key_id: kid}) do
+    now = DateTime.utc_now() |> DateTime.to_unix()
+    jwk = get_key(:private, private_key) |> JOSE.JWK.merge(%{"kid" => kid})
+
+    # JSON Web Signature (JWS)
+    jws = %{
+      "alg" => "RS256",
+      "typ" => "JWT",
+      "kid" => kid
+    }
+
+    # JSON Web Token (JWT)
+    jwt =
+      JOSE.JWT.from(%{
+        "iss" => iss,
+        "exp" => now + 60 * 60,
+        "iat" => now,
+        "aud" => @iam_token_url
+      })
+
+    _signed = JOSE.JWT.sign(jwk, jws, jwt) |> JOSE.JWS.compact() |> elem(1)
+  end
 end

lib/yandex_translate/token.ex

@@ -0,0 +1,15 @@
+# defmodule YandexTranslate.Token do
+#   @iam_token_url "https://iam.api.cloud.yandex.net/iam/v1/tokens"
+
+#   use Joken.Config
+
+#   @impl Joken.Config
+#   def token_config() do
+#     default_claims(
+#       iss: Application.get_env(:yandex_translate, :service_account_id),
+#       default_exp: 60 * 60,
+#       skip: [:jti, :nbf],
+#       aud: @iam_token_url
+#     )
+#   end
+# end