[Apiman-user] Invalid token signature
Tim Dudgeon
tdudgeon.ml at gmail.com
Tue Oct 13 08:45:34 EDT 2015
It was unintentional. I had failed to remove the authentication from one
place when I added it to another.
On 13/10/2015 13:40, Marc Savy wrote:
> Interesting situation - was it intentional?
>
> On 13/10/2015 11:20, Tim Dudgeon wrote:
>> I tracked it down eventually - I had OAuth authentication at 2 places in
>> the chain which seems to be the cause or the error.
>>
>> Tim
>>
>> On 13/10/2015 11:04, Tim Dudgeon wrote:
>> > Hi, I'm trying to access a service though an application and plan,
>> > using OAuth authentication at the application level and authorization
>> > at the service level (requiring a role assigned to the user during
>> > authentication).
>> > I thought I had it all set up correctly, but am getting an Invalid
>> > token signature error.
>> >
>> > I generate access token like this:
>> >
>> > $ curl -X POST
>> >
>> http://192.168.59.103:8080/auth/realms/Organization1/protocol/openid-connect/token
>> > -H "Content-Type: application/x-www-form-urlencoded" -d
>> > 'username=user1' -d 'password=user1' -d 'grant_type=password' -d
>> > 'client_id=app1' -s | jq -r '.access_token'
>> >
>> > and get an access token like this:
>> >
>> > eyJhb<snip>
>> >
>> > Then try to access the service like this:
>> >
>> > $ curl -k -H "Authorization: Bearer eyJhb<snip>" -H "X-API-Key:
>> > bb9eb966-<snip>" -s
>> > https://192.168.59.103:8443/apiman-gateway/Organization2/echo/1.5/
>> >
>> > And I get this error:
>> >
>> >
>> {"type":"Authentication","failureCode":11004,"responseCode":401,"message":"Invalid
>> > token signature.","headers":{}}
>> >
>> >
>> > Any ideas what the Invalid token signature error relates to?
>> >
>> > Thanks
>> > Tim
>> >
>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>
>
More information about the Apiman-user
mailing list