Questions tagged [jwk]

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key.

The specification for this structure is in RFC 7517.

218 questions
1 vote, 1 answer

Creating jwks endpoint spring boot

I am building a two service app in Java Spring Boot where one service is an auth service that generates a jwt and the other one is a resource service, that decodes the jwt and returns list of posts based on the jwt subject. My current auth service…
Kris
1 vote, 1 answer

JWKS key info not found at well-known endpoint

My Spring Boot app is attempting to use Auth0 to validate a JWT it receives. My problem is the JWKS endpoint I have to connect to provides all of the key information at the root of the URL, versus the well-known endpoint. My code snippet looks like…
CNDyson
1 vote, 0 answers

JWK not found in Quarkus

I am trying to see if I can substitute an old service with a new one that uses Quarkus. To do so I need to be able to check some properties of the JWT that are sent with the request Authorization as a bearer token. My problem is that after going over…
fditz
1 vote, 1 answer

Validate and parse Auth0 JWT token in python

When someone logs in on my website through Auth0, I get a JWT token from Auth0. This token tells me the UID of the person and allows me to make API calls from the frontend to the backend where I can validate the JWT token to make sure the request…
Quantitative
1 vote, 1 answer

Which Key Do We Use When Verifying Google ID Tokens

We're verifying a Google ID Token on ColdFusion servers. We have everything working but one thing puzzles me: In the instructions here Google says to use their public keys to verify the token. When we retrieve the keys, in the JSON object there…
CFMLBread
1 vote, 0 answers

invalid keycloak jwt token signature

private void verifySignature(DecodedJWT decodedJWT) { JsonObject payloadAsJson = decodeTokenPayloadToJsonObject(decodedJWT); String iss=payloadAsJson.get("iss").getAsString(); System.out.println("iss"+iss); JwkProvider provider =…
1 vote, 1 answer

Containerized Nginx Plus is Unable to Open or Rename Okta JWK File

Why is my instance of Nginx Plus unable to access a JSON Web Key (JWK) file from Okta? This instance of Nginx Plus was containerized with a Dockerfile similar to this official Dockerfile.alpine direct from Nginx, with the following differences: . .…
Mike
1 vote, 1 answer

How can I overwrite the automatically calculated kid when importing a JWK from PEM

I am trying to create a JWE Token using the node-jose library's createEncrypt method. The problem is, I want to set the kid to a certain value. But when importing the key using the jose.JWK.asKey method, it's automatically calculating the kid and…
GAURAV KUMAR JHA
1 vote, 0 answers

Envoy JWT Authentication fails with JSON Web Key Set as inline string

I want to try out Envoy JWT authentication with a local JSON Web Key Set as an inline string. As an algorithm I want to use HS256, because the key is only needed for my Service that generates the JWT and Envoy for enforcing rules, so not much…
JonasLevin
1 vote, 1 answer

How to create key from JWK key for verifying COSE signature-1 with Python?

I am working on a python script to verify New Zealand Vaccination passports. I struggle at the point where I have the government's certificate and the decoded COSE message and need to try to verify its signature: key_as_dict = { KpKty:…
hey
1 vote, 1 answer

Why does encrypting a JWT with AES_128_CBC_HMAC_SHA_256 also change its "alg" header parameter?

I am creating symmetrically signed Tokens with HMAC + SHA-256. As expected the header looks like this: { "alg": "HS256", "typ": "JWT" } But when I encrypt the token with the AES_128_CBC_HMAC_SHA_256, the header changed to this: { "alg":…
Beltway
1 vote, 0 answers

Failing to create JWT with JWK signature

I am trying to create JWT with KID, alg=RS256, TypeError: Expecting a PEM-formatted key. import json import jwt from cryptography.hazmat.backends.openssl import rsa from cryptography.hazmat.primitives import serialization body={ "sub":…
SKK
1 vote, 1 answer

Why EC key is treated as a valid RSA key for the JWT and JWK?

I've recently been working on implementing a web service that signs and issues JWT and also exposes the JWKs endpoint for the JWT validation purposes. It's all fairly straightforward with the JWT / JWK according to the IETF spec, but I noticed…
Dmitry Kankalovich
1 vote, 1 answer

Can "kid" in JWKS be just string of numbers, and what is the maximum number of characters kid can hold?

I am trying to validate the JWKS stored in the resource server. One of the checks I have implemented is to check for the kid that I decode from the JWT and check for it in the configured resource server. I went through the JWK RFC for "kid". In the…
Q2Dev
1 vote, 0 answers

Verifying Hydra-generated JWT access_token signature in jwt.io?

I configured Hydra to return JWT in access_token (STRATEGIES_ACCESS_TOKEN=jwt). Pasting the resulting token[1] in jwt.io works—it's decoded successfully and the data looks right. Now I want to verify the signature. So I open…
wiradikusuma