Ok well if anyone is curious, after 2 days of rabbit holes I
finally figured out how to get the AWS public keys into the PEM format that jwt.io expects by following
this post, combined with the usage of the jwk-to-pem package
here.
Code:
const jwkToPem = require('jwk-to-pem');
const awsPublicKey = {
alg: "RS256",
e: "AQAB",
kid: "FDYc3/dIQSHEhRDIj00TvDwc3XPadxsAGGCTdskt0mY=",
kty: "RSA",
n: "jN7TL705q33CeJHgIzQVfg5YFFfl3ta4nnBIi1DccxOUE1AH8lyRP7CguAfdVVkggf3w8OlBb_FOTlFishAkukUvnhPGIklxVkBZK8fj7q09BB8A2GGXRUX0xUUsREmGR487IxUw0DzPVfdpMmcZKt4jYK64HilfP-Nbfnq1BSqBBuuOsSjWa1myc9KgAGOMSXSmabTQM91yY3imuP5ldORsl009qEJBmh9f9HRnp9UhuwOixuwM54kVkgEUS065q4vpczvgiDm9dejkijtfa3Zi1Eh1dAeXHSF9cbhMT3j2V1k1Uj3b5VwrV95llNiUDlrbOmtWgOY3Vljeh6-Aow",
use: "sig"
};
// just demonstrating which values are needed jwkToPem(awsPublicKey) works too.
const jwk = { kty: awsPublicKey.kty, n: awsPublicKey.n, e: awsPublicKey.e};
const pem = jwkToPem(jwk);
console.log(pem);
Produces a nice pretty output that looks like this:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN7TL7 05q33CeJHgIzQV
fg5YFFfl3ta4nnBIi1DccxOUE1AH8lyRP7CguAfdVVkggf3w8O lBb/FOTlFishAk
ukUvnhPGIklxVkBZK8fj7q09BB8A2GGXRUX0xUUsREmGR487Ix Uw0DzPVfdpMmcZ
Kt4jYK64HilfP+Nbfnq1BSqBBuuOsSjWa1myc9KgAGOMSXSmab TQM91yY3imuP5l
dORsl009qEJBmh9f9HRnp9UhuwOixuwM54kVkgEUS065q4vpcz vgiDm9dejkijtf
a3Zi1Eh1dAeXHSF9cbhMT3j2V1k1Uj3b5VwrV95llNiUDlrbOm tWgOY3Vljeh6+A
owIDAQAB
-----END PUBLIC KEY-----