Replies: 1 comment
-
There's a reason for that. Neither one of the existing Asymmetric JOSE Key Management Algorithms is fit for a use case like you describe because neither one authenticates the sender.
-
Hello,
One of the requirements for encrypting requests is the ability to use the symmetric encryption key after it has been unwrapped, so that the server can encrypt the response. In most JOSE libraries, there is no access to the unwrapped key, and to work around this, you have to do things like putting an AES key in the payload for the server to use to encrypt the response. Alternatively, you could manually extract and unwrap the second part of the JWE token, but this doesn't seem optimal, as it adds an extra decryption step on top of what the library already does.
I wanted to know if there's a way to make the secret key public or at least retrieve its value? Forcing a fork of the library doesn't seem like an ideal solution either.
jose/src/jwe/flattened/decrypt.ts
Line 245 in affe3f2
to
jose/src/jwe/compact/decrypt.ts
Line 97 in affe3f2
to
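The following is an added example, not code from the jose library or from either poster. Using only Node's built-in `crypto`, it performs the manual unwrap of a compact JWE's second segment that the question mentions, and shows the point the reply makes: any holder of the recipient's public key can produce a token that unwraps to a valid CEK. It assumes `alg` RSA-OAEP and `enc` A256GCM; the function names are hypothetical.

```javascript
// Added example, not jose's code. Assumes alg=RSA-OAEP, enc=A256GCM (RFC 7516 compact form).
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha1' };
const b64u = (buf) => Buffer.from(buf).toString('base64url');

// Sender side: needs nothing but the recipient's PUBLIC key.
function encryptCompact(recipientPublicKey, plaintext) {
  const cek = crypto.randomBytes(32); // fresh content encryption key
  const iv = crypto.randomBytes(12);
  const header = b64u(JSON.stringify({ alg: 'RSA-OAEP', enc: 'A256GCM' }));
  const wrapped = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, cek);
  const c = crypto.createCipheriv('aes-256-gcm', cek, iv);
  c.setAAD(Buffer.from(header, 'ascii')); // AAD is the encoded protected header
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return [header, b64u(wrapped), b64u(iv), b64u(ct), b64u(c.getAuthTag())].join('.');
}

// Recipient side: unwrap segment 2 by hand and return the CEK with the plaintext.
function decryptCompact(recipientPrivateKey, token) {
  const parts = token.split('.');
  if (parts.length !== 5) throw new Error('not a compact JWE');
  const [header, encKey, iv, ct, tag] = parts;
  const { alg, enc } = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
  if (alg !== 'RSA-OAEP' || enc !== 'A256GCM') throw new Error('unsupported alg/enc');
  const cek = crypto.privateDecrypt(
    { key: recipientPrivateKey, ...OAEP }, Buffer.from(encKey, 'base64url'));
  const d = crypto.createDecipheriv('aes-256-gcm', cek, Buffer.from(iv, 'base64url'));
  d.setAAD(Buffer.from(header, 'ascii'));
  d.setAuthTag(Buffer.from(tag, 'base64url'));
  const pt = Buffer.concat([d.update(Buffer.from(ct, 'base64url')), d.final()]);
  return { plaintext: pt.toString('utf8'), cek };
}

// Constructed scenario: two unrelated parties encrypt to the same server key.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const a = decryptCompact(privateKey, encryptCompact(publicKey, 'from the expected client'));
  const b = decryptCompact(privateKey, encryptCompact(publicKey, 'from any other party'));
  // Both unwrap cleanly; nothing in either token tells the server who chose the CEK.
  return { a, b };
}
```

A response encrypted under the returned `cek` is readable only by whoever produced the request, but the token itself does not establish who that is.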