You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am creating access tokens using jsonwebtoken - here is an example on jwt.io.
You can see that jwt.io regards the token as 'Signature Verified', however when I try to verify tokens using the jwk in a test I get an InvalidSignature error:
let decoding_key = DecodingKey::from_jwk(config.jwk())?;
let mut token_validation = Validation::new(config.algorithm());
token_validation.set_audience(&[&config.audience]);
let decoded: TokenData<JsonWebToken> = decode(&*actual, &decoding_key, &token_validation)?
Curiously if I use the public key pem file the test passes successfully:
let decoding_key = DecodingKey::from_rsa_pem(config.public_key())?;
let mut token_validation = Validation::new(config.algorithm());
token_validation.set_audience(&[&config.audience]);
let decoded: TokenData<JsonWebToken> = decode(&*actual, &decoding_key, &token_validation)?;
I have been round the houses with this a few times now and have also tried to use DecodingKey::from_rsa_components with the same result.
I am creating access tokens using
jsonwebtoken- here is an example on jwt.io.You can see that
jwt.ioregards the token as 'Signature Verified', however when I try to verify tokens using the jwk in a test I get anInvalidSignatureerror:Curiously if I use the public key pem file the test passes successfully:
I have been round the houses with this a few times now and have also tried to use
DecodingKey::from_rsa_componentswith the same result.Here is the jwk for reference.
Any and all help gratefully received!
The text was updated successfully, but these errors were encountered: