You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Instead of getting a decoded_token hash, I get this error message:
Traceback (most recent call last):
8: from main.rb:25:in `<main>'
7: from main.rb:7:in `verify'
6: from /home/runner/BasicAfraidSolidstatedrive/.bundle/ruby/2.5.0/gems/jwt-2.2.3/lib/jwt.rb:28:in `decode'
5: from /home/runner/BasicAfraidSolidstatedrive/.bundle/ruby/2.5.0/gems/jwt-2.2.3/lib/jwt/decode.rb:26:in `decode_segments'
4: from /home/runner/BasicAfraidSolidstatedrive/.bundle/ruby/2.5.0/gems/jwt-2.2.3/lib/jwt/decode.rb:42:in `verify_signature'
3: from /home/runner/BasicAfraidSolidstatedrive/.bundle/ruby/2.5.0/gems/jwt-2.2.3/lib/jwt/signature.rb:31:in `verify'
2: from /home/runner/BasicAfraidSolidstatedrive/.bundle/ruby/2.5.0/gems/jwt-2.2.3/lib/jwt/algos/rsa.rb:15:in `verify'
1: from /home/runner/BasicAfraidSolidstatedrive/.bundle/ruby/2.5.0/gems/jwt-2.2.3/lib/jwt/security_utils.rb:20:in `verify_rsa'
/home/runner/BasicAfraidSolidstatedrive/.bundle/ruby/2.5.0/gems/jwt-2.2.3/lib/jwt/security_utils.rb:20:in `verify': wrong number of arguments (given 3, expected 1) (ArgumentError)
exit status 1
This seems to be because OpenSSL::X509::Certificate.verifyexpects a single argument but is receiving 3:
Thanks for the feedback.
I did try this code and it seems to work with latest jwt version without issue 2.2.3. (FYI my payload was : payload= {a: "b"})
But I did get a very similar issue trying to decode an azure jwt token.
public_key was of type OpenSSL::X509::Certificate instead of OpenSSL::PKey::RSA on a OpenSSL::X509::Certificate instance you can call public_key and get a OpenSSL::PKey::RSA (but now I receive an invalid signature message from jwt...)
For sure if a OpenSSL::X509::Certificate object is given as the public_key there will be some errors. Apparently the OpenSSL::X509::Certificate#verify method is to verify the signature of the certificate.
Then why the verification is failing if the certificates public key is given is pretty hard to figure out without more info or some example.
I'm using the sample code shown in the README for
RS256
:Instead of getting a
decoded_token
hash, I get this error message:This seems to be because
OpenSSL::X509::Certificate.verify
expects a single argument but is receiving 3:The text was updated successfully, but these errors were encountered: