0

I'm trying out the Quarkus JWT quickstart. But when I use the token that I normally use in my Spring application. I get the following error.

rejected due to invalid claims. Additional details: [[17] Unexpected exception thrown from validator org.jose4j.jwt.consumer.IssValidator: java.lang.NullPointerException at org.jose4j.jwt.consumer.IssValidator.expectedValue(IssValidator.java:72); org.jose4j.jwt.consumer.IssValidator.validate(IssValidator.java:59); ...omitted..., [14] No Subject (sub) claim is present

Looks like the Microprofile JWT auth spec, specifies the Subject (sub) as one of the minimum claims required in a JWT. So, is there an alternate JWT auth mechanism that can be used, that doesn't require the Subject claim? i.e any other parameter that can be passed to the quarkus.smallrye-jwt.auth-mechanism property, other than MP_JWT?

Community
  • 1
  • 1
Antho Christen
  • 1,369
  • 1
  • 10
  • 21
  • The error is stating that the `sub` claim is missing. Did you set this claim when you created the JWT? I don't know your implementation, but maybe it requires that `sub` be assigned. – Tim Biegeleisen Jun 24 '19 at 13:49
  • It is passed to my service from another service. And, the `sub` claim doesn't seem to be present when I decode the JWT. That's why I was wondering if the validation for that claim could be disabled, since it seems to happen inside a validate method `IssValidator.validate` , if possible. – Antho Christen Jun 25 '19 at 04:02
  • Hello, Quarkus uses the `sub` claim to make the authentication of the user (to create the Principal object). Today there appears to be no way to use a different claim. I will raise this issue to the Quarkus mailing list. – loicmathieu Jun 27 '19 at 11:36
  • @loicmathieu, thank you :) – Antho Christen Jun 27 '19 at 13:18

0 Answers0