You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The OAuth plugin in its current state fails to grab any valid JWK. The reason for this is that it evaluates the wrong property on the keys object. Here is the getJWK() function in its current state:
function getPEM(decodedToken, keys) {
var i = 0;
debug('jwk kid ' + decodedToken.headerObj.kid);
for (; i < keys.length; i++) {
if (keys.kid == decodedToken.headerObj.kid) {
break;
}
}
var publickey = rs.KEYUTIL.getKey(keys.keys[i]);
return rs.KEYUTIL.getPEM(publickey);
}
Note how this function tries iterating over keys at its root, and accessing keys.kid, but keys is not iterable at its root, nor does it have any properties apart from keys. The structure of keys is (in my case) as follows:
The OAuth plugin in its current state fails to grab any valid JWK. The reason for this is that it evaluates the wrong property on the keys object. Here is the getJWK() function in its current state:
Note how this function tries iterating over
keysat its root, and accessingkeys.kid, butkeysis not iterable at its root, nor does it have any properties apart fromkeys. The structure ofkeysis (in my case) as follows:Thus, the function should iterate over
keys.keys, orkeysshould be populated by thekeysobject in this JSON object.I've already submitted a PR that resolves this issue, and adds support for situations like https://www.googleapis.com/oauth2/v1/certs . This PR can be found here: #87
The text was updated successfully, but these errors were encountered: