[keycloak-user] JWT signature verification failure
Richard.Rattigan at sonos.com
Wed Nov 12 05:40:10 EST 2014
That clears that up. Thanks!
On 11/11/14, 8:58 PM, "Bill Burke" <bburke at redhat.com> wrote:
>In the meantime, you could use our impl until I fix it.
>On 11/11/2014 8:55 PM, Bill Burke wrote:
>> Looking at jjwt, they do this algorithm:
>> sign(base64encodedheader + "." + base64encodedContent)
>> We just sign the content. Just verified that our impl is wrong. I'll
>> fix this for next release.
>> On 11/11/2014 7:50 PM, Richard Rattigan wrote:
>>> I'm trying to verify keycloak jwt signatures in a Java/Groovy, but I'm
>>> not succeeding. I'm new to crypto, so maybe I'm doing something stupid.
>>> This is Groovy code. realmPublicKey is the publicKey string from the
>>> realm REST response. I'm using the jjwt library to parse the tokens,
>>> I get the same result (signature verification failure) with the nimbus
>>> Security.addProvider(new BouncyCastleProvider())
>>> def publicKey = KeyFactory
>>> .getInstance("RSA", "BC")
>>> def claims =
>>> I get an exception during the parse:
>>> io.jsonwebtoken.SignatureException: JWT signature does not match
>>> computed signature. JWT validity cannot be asserted and should not be
>>> Is anyone able to see what I¹m doing wrong here?
>>> *Richard Rattigan*
>>> Sonos | Sr. Software Engineer | Skype: Richard.RattiganSonos
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>JBoss, a division of Red Hat
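The signing-input difference discussed in this thread, as an added example that is not code from the thread, Keycloak or jjwt: a JWS verifier checks the signature over base64url(header) + "." + base64url(payload), so a signature computed over the content alone is rejected even with the right key. Assumptions: the RSA key pair is a throwaway generated in the demo, the header and claims are constructed, and "signing only the content" is taken to mean signing the raw payload bytes. Run as written, it prints `true` for the first token and `false` for the second.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

public class JwsSigningInputDemo {
    static final Base64.Encoder B64URL = Base64.getUrlEncoder().withoutPadding();

    // RS256 is RSASSA-PKCS1-v1_5 with SHA-256 ("SHA256withRSA" in the JCA).
    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    // Verify a compact JWS: the signed bytes are ASCII(b64url(header) + "." + b64url(payload)).
    // The algorithm is pinned here and never taken from the token header.
    static boolean verify(PublicKey key, String token) {
        String[] p = token.split("\\.", -1);
        if (p.length != 3) return false;
        try {
            Signature s = Signature.getInstance("SHA256withRSA");
            s.initVerify(key);
            s.update((p[0] + "." + p[1]).getBytes(StandardCharsets.US_ASCII));
            return s.verify(Base64.getUrlDecoder().decode(p[2]));
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false; // malformed base64url or signature: treat as invalid
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair(); // throwaway key, stands in for the realm key

        // Constructed sample header and claims.
        byte[] payload = "{\"sub\":\"alice\",\"iss\":\"demo-realm\"}".getBytes(StandardCharsets.UTF_8);
        String h = B64URL.encodeToString("{\"alg\":\"RS256\"}".getBytes(StandardCharsets.UTF_8));
        String c = B64URL.encodeToString(payload);
        String input = h + "." + c;

        byte[] good = sign(kp.getPrivate(), input.getBytes(StandardCharsets.US_ASCII));
        byte[] contentOnly = sign(kp.getPrivate(), payload); // signs only the content

        System.out.println(verify(kp.getPublic(), input + "." + B64URL.encodeToString(good)));
        System.out.println(verify(kp.getPublic(), input + "." + B64URL.encodeToString(contentOnly)));
    }
}
```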