jwk from file verify signature not working
152 views
Skip to first unread message
Patrick Karlsson
Apr 17, 2024, 1:30:11 PM4/17/24
to KrakenD Community
Hey!
Im using this as my auth/validator:
"auth/validator": {
"alg": "{{ .env.jwt_alg }}",
"jwk_local_path": "/etc/krakend/settings/{{ .env.environment }}/jwk.txt",
"issuer": "https://mydomain/oauth2",
"operation_debug": true
}
I know the file is loaded but I get the error message:
[JWTValidator] Unable to parse the configuration: JWK client is using an insecure connection to the JWK service
Then I tried adding the "disable_jwk_security": true,
But I got this error message when trying to call the gateway:
[JWTValidator] Unable to validate the token: Get "": unsupported protocol scheme ""
my JWK is a symmetric key so it has this format:
{
"kty": "oct",
"k": "the private key"
"alg": "myalg"
"use": "sig"
}
I cant seem to figure out what I am doing wrong.
Im using this as my auth/validator:
"auth/validator": {
"alg": "{{ .env.jwt_alg }}",
"jwk_local_path": "/etc/krakend/settings/{{ .env.environment }}/jwk.txt",
"issuer": "https://mydomain/oauth2",
"operation_debug": true
}
I know the file is loaded but I get the error message:
[JWTValidator] Unable to parse the configuration: JWK client is using an insecure connection to the JWK service
Then I tried adding the "disable_jwk_security": true,
But I got this error message when trying to call the gateway:
[JWTValidator] Unable to validate the token: Get "": unsupported protocol scheme ""
my JWK is a symmetric key so it has this format:
{
"kty": "oct",
"k": "the private key"
"alg": "myalg"
"use": "sig"
}
I cant seem to figure out what I am doing wrong.
Patrick Karlsson
Apr 18, 2024, 3:21:57 AM4/18/24
to KrakenD Community, Patrick Karlsson
Found out by looking at the source code which is using jose.
The code needs the whole JSONWebKeySet which has the format:
{
"keys": [
{
"kty": "oct",
"k": "the private key"
"alg": "myalg"
"use": "sig"
}
]
The code needs the whole JSONWebKeySet which has the format:
{
"keys": [
{
"kty": "oct",
"k": "the private key"
"alg": "myalg"
"use": "sig"
}
Albert Lombarte
Apr 22, 2024, 3:31:14 AM4/22/24
to KrakenD Community, patrick....@fortnox.se
Thank you, I have added your comment to the documentation: https://www.krakend.io/docs/authorization/jwt-validation/#jwk-url-requirements
El dia dijous, 18 d’abril del 2024 a les 9:21:57 UTC+2, patrick....@fortnox.se va escriure:
Reply all
Reply to author
Forward
0 new messages