How to validate a JWT signed by symmetric signer

[imdhemy]

Context

Creating and validating a JWT token using Symmetric signer configuration.

Error
On validating the key with SignedWith constraint, the following error is thrown:

Lcobucci\JWT\Signer\InvalidKeyProvided : It was not possible to parse your key, reason:
* error:0909006C:PEM routines:get_name:no start line
* error:0909006C:PEM routines:get_name:no start line

Source code

 $signer = new Sha256();
 $key = InMemory::file(__DIR__ . '/../../fixtures/private.key');
 $config = Configuration::forSymmetricSigner($signer, $key);

// The following line works as expected
 $token = $config->builder()->getToken($config->signer(), $config->signingKey());

 $validator = $config->validator();
 $signedWith = new SignedWith($signer, $config->signingKey());

// The exception is thrown here
 $this->assertTrue($validator->validate($token, $signedWith));

Question
How to validate such JWT?

[Ocramius]

Seems like your key is malformed? Please carefully read your exception message.

[imdhemy]

@Ocramius

Correct me if I'm wrong.

I'm using the same key for Signing and validation (Symmetric). Generating the token works as expected, which means that the key is not malformed.

[SvenRtbg]

Seems like you think you are using Hmac Sha256 but you imported RSA Sha256.

[imdhemy]

@SvenRtbg Yes 🫢. Thanks a lot!