-
Notifications
You must be signed in to change notification settings - Fork 272
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JWT token could not be authenticated with JWKS #2619
Comments
Thank you for the detailed report. I tried reproducing and got the same problem. So, we do seem to have some kind of problem. I dug into this a little further and used So: It would appear that your JWT has been signed with the public/private key pair that you provided, but the contents of your JWKS file don't match the public/private key pair you used to sign the JWT. At this point, I generated a JWK from the public key pem (search in google to find a site you trust or use a tool on your local machine) And ended up with a key file that looked like this:
Note: The value of I then used this key file with JWT and it was successfully verified. I'm going to close this as not an issue. |
thank you @garypen . |
Describe the bug
We're generating our own JWT & authenticate it with endpoint http://localhost:3100/.well-known/jwks.json
We're supplying the keys sets in the same shape as in https://www.apollographql.com/docs/router/configuration/authn-jwt/#jwks-format
Our public key;
private key;
generated token for 30 days;
eventually, access token is verified on jwt.io as shown;
as you see, issuer (iss) in the token is http://localhost:3100/.well-known/jwks.json
My router (1.10.3) config is below;
Using managed federation & eventually, I'm trying to run a query on apollo studio. However, always getting
Could not create decode JWT: InvalidSignature
To Reproduce
Expected behavior
token is supposed to be validated using supplied iss (http://localhost:3100) & query can be run in apollo studio
Output
Desktop (please complete the following information):
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: