[SOLVED] JWT signature for both node.js and browsers

JWT signature for both node.js and browsers

I want to authenticate Salesforce's OAuth 2.0 JWT Bearer Flow with both node.js and Browser.
I have created a public key and a private key on Windows with the following command.

openssl req -x509 -sha256 -nodes -days 36500 -newkey rsa:2048 -keyout salesforce.key -out salesforce.crt

I tried JWT Sign with the following Typescript code using panva/jose

import { SignJWT } from "jose";
import serverKey from "../../../credential/salesforce.key?raw";

export async function jwtSign() {
    const assertion = await new SignJWT({ prn: import.meta.env.VITE_SF_MAIL })
        .setProtectedHeader({ alg: 'RS256' })
        .setIssuer(import.meta.env.VITE_SF_CLIENT_ID)
        .setAudience(import.meta.env.VITE_SF_AUDIENCE)
        .setExpirationTime('15h')
        .sign(new TextEncoder().encode(serverKey));
    return assertion;
}

But I get the following error.

Key must be one of type KeyObject or CryptoKey. Received an instance of Uint8Array
TypeError: Key must be one of type KeyObject or CryptoKey. Received an instance of Uint8Array
    at asymmetricTypeCheck (D:\repository\PROJECT\node_modules\jose\dist\node\cjs\lib\check_key_type.js:17:15)
    at checkKeyType (D:\repository\PROJECT\node_modules\jose\dist\node\cjs\lib\check_key_type.js:44:9)
    at FlattenedSign.sign (D:\repository\PROJECT\node_modules\jose\dist\node\cjs\jws\flattened\sign.js:55:41)
    at CompactSign.sign (D:\repository\PROJECT\node_modules\jose\dist\node\cjs\jws\compact\sign.js:14:43)
    at SignJWT.sign (D:\repository\PROJECT\node_modules\jose\dist\node\cjs\jwt\sign.js:22:20)
    at Module.jwtSign (D:/repository/PROJECT/src/lib/app/service/func.ts:10:9)
    at load (D:/repository/PROJECT/src/routes/+page.server.ts:8:10)
    at load_server_data (file:///D:/repository/PROJECT/node_modules/@sveltejs/kit/src/runtime/server/page/load_data.js:32:41)
    at file:///D:/repository/PROJECT/node_modules/@sveltejs/kit/src/runtime/server/page/index.js:168:19
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

How can i fix this error?
Or is there any other way to implement it?

Solution

replace new TextEncoder().encode(serverKey) with await importPKCS8(serverKey, 'RS256')

importPKCS8 (docs) is the function used to import asymmetric private keys in PKCS8 format.