From 0c9296db4406e25e0456365c0bf25a3ddfa33f7e Mon Sep 17 00:00:00 2001
From: einhornimmond <info@einhornimmond.de>
Date: Thu, 3 Jul 2025 08:46:56 +0200
Subject: [PATCH] fix jwt to work also with more meticulous runtime like bun

---
 backend/src/auth/jwt/JWT.ts | 6 +++---
 core/src/auth/jwt/JWT.ts    | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/backend/src/auth/jwt/JWT.ts b/backend/src/auth/jwt/JWT.ts
index be1adf790..80aa9c655 100644
--- a/backend/src/auth/jwt/JWT.ts
+++ b/backend/src/auth/jwt/JWT.ts
@@ -85,7 +85,7 @@ export const encrypt = async (payload: JwtPayloadType, publicKey: string): Promi
   logger.debug('JWT.encrypt... payload=', payload)
   logger.debug('JWT.encrypt... publicKey=', publicKey)
   try {
-    const encryptKey = await importSPKI(publicKey, 'RS256')
+    const encryptKey = await importSPKI(publicKey, 'RSA-OAEP-256')
     // Convert the key to JWK format if needed
     const recipientKey = typeof encryptKey === 'string' 
       ? JSON.parse(encryptKey)
@@ -108,12 +108,12 @@ export const decrypt = async(jwe: string, privateKey: string): Promise<string> =
   logger.debug('JWT.decrypt... jwe=', jwe)
   logger.debug('JWT.decrypt... privateKey=', privateKey.substring(0, 10))
   try {
-    const decryptKey = await importPKCS8(privateKey, 'RS256')
+    const decryptKey = await importPKCS8(privateKey, 'RSA-OAEP-256')
     const { plaintext, protectedHeader } =
       await compactDecrypt(jwe, decryptKey)
     logger.debug('JWT.decrypt... plaintext=', plaintext)
     logger.debug('JWT.decrypt... protectedHeader=', protectedHeader)
-    return plaintext.toString()
+    return new TextDecoder().decode(plaintext)
   } catch (e) {
     logger.error('Failed to decrypt JWT:', e)
     throw e
diff --git a/core/src/auth/jwt/JWT.ts b/core/src/auth/jwt/JWT.ts
index 399b04442..566eb51e2 100644
--- a/core/src/auth/jwt/JWT.ts
+++ b/core/src/auth/jwt/JWT.ts
@@ -87,7 +87,7 @@ export const encrypt = async (payload: JwtPayloadType, publicKey: string): Promi
   logger.debug('encrypt... payload=', payload)
   logger.debug('encrypt... publicKey=', publicKey)
   try {
-    const encryptKey = await importSPKI(publicKey, 'RS256')
+    const encryptKey = await importSPKI(publicKey, 'RSA-OAEP-256')
     // Convert the key to JWK format if needed
     const recipientKey = typeof encryptKey === 'string' 
       ? JSON.parse(encryptKey)
@@ -110,12 +110,12 @@ export const decrypt = async(jwe: string, privateKey: string): Promise<string> =
   logger.debug('decrypt... jwe=', jwe)
   logger.debug('decrypt... privateKey=', privateKey.substring(0, 10))
   try {
-    const decryptKey = await importPKCS8(privateKey, 'RS256')
+    const decryptKey = await importPKCS8(privateKey, 'RSA-OAEP-256')
     const { plaintext, protectedHeader } =
       await compactDecrypt(jwe, decryptKey)
     logger.debug('decrypt... plaintext=', plaintext)
     logger.debug('decrypt... protectedHeader=', protectedHeader)
-    return plaintext.toString()
+    return new TextDecoder().decode(plaintext)
   } catch (e) {
     logger.error('Failed to decrypt JWT:', e)
     throw e