[keycloak-user] JWT - Signature Verification Failure
Charles Moulliard
cmoullia at redhat.com
Tue Dec 20 11:23:31 EST 2016
Hi,
Is there a workaround when we use Keycloak 1.9.4 to avoid that the client
who will verify the certificate of the JWT will issue this error
WARNING: JWT decode failure
java.lang.RuntimeException: Signature verification failed
at io.vertx.ext.auth.jwt.impl.JWT.decode(JWT.java:200)
at
io.vertx.ext.auth.jwt.impl.JWTAuthProviderImpl.authenticate(JWTAuthProviderImpl.java:84)
if (!crypto.verify(base64urlDecode(signatureSeg),
signingInput.getBytes(UTF8))) {
throw new RuntimeException("Signature verification failed");
}
Is it because the token is not base64 ?
Regards,
Charles Moulliard
Sr. Pr. Software Engineer @redhat
cmoulliard at redhat.com | work: +31 205 65 12 84 | mobile: +32 473 60 40 14
Twitter: @cmoulliard <http://twitter.com/cmoulliard> | blog:
cmoulliard.github.io
committer: apache camel, karaf, servicemix, hawtio, fabric8, drools, jbpm,
deltaspike
More information about the keycloak-user
mailing list