JWKS key info not found at well-known endpoint

Question

My Spring Boot app is attempting to use Auth0 to validate a JWT it receives. My problem is the JWKS endpoint I have to connect to provides all of key information at the root of the URL, versus the well-known endpoint. My code snippet looks like so:

DecodedJWT jwt = JWT.decode(jwt);
JwkProvider provider = new UrlJwkProvider(new URL(configProperties.getKeyUrl()), 5000, 2000);
Jwk jwk = provider.get(jwt.getKeyId());

Is there a way to adapt JwkProvider to look at a different URL? The javadoc seems to say /.well-known... is going to be appended no matter what I do. Perhaps there's another library I can use?

score 0 · Accepted Answer · answered Jun 15 '22 at 14:20

0

So I finally decided the simplest thing to do was to edit the source from UrlJwkProvider myself. I created a new class and removed the code that appends the well known URL. Easy-peasy.

answered Jun 15 '22 at 14:20

CNDyson

1,687
7
28
63

JWKS key info not found at well-known endpoint

1 Answers1