Error creating JWT Token
607 views
Skip to first unread message
Bhushan Nagaraj
Jul 8, 2014, 2:53:31 AM7/8/14
to atlassian-...@googlegroups.com
I am following the documentation as provided in https://developer.atlassian.com/static/connect/docs/concepts/understanding-jwt.html#create to create a new JWT token.
Below is a snippet of my code
.issuedAt(issuedAt)
.expirationTime(expiresAt)
.issuer(key);
CanonicalHttpUriRequest canonical = new CanonicalHttpUriRequest(method, apiPath, contextPath, new HashMap());
JwtClaimsBuilder.appendHttpRequestClaims(jwtBuilder, canonical);
JwtWriterFactory jwtWriterFactory = new NimbusJwtWriterFactory();
def jwtbuilt = jwtBuilder.build();
String jwtToken = jwtWriterFactory.macSigningWriter(SigningAlgorithm.HS256, sharedSecret).jsonToJwt(jwtbuilt);
String apiUrl = baseUrl + apiPath + "?jwt=" + jwtToken;
return apiUrl;
However, I get the error Caused by NoSuchMethodError: com.nimbusds.jose.crypto.MACSigner.<init>(Ljava/lang/String;)V
I noticed that the com.nimbusds.jose.crypto.MacSigner requires a byte[] array in it's constructor while the NimbusJwtWriterFactory in com.atlassian.jwt is passing a String. Any help?
Cheers
Bhushan
Peter Brownlow
Jul 8, 2014, 8:40:23 PM7/8/14
to atlassian-...@googlegroups.com
Hi Bhushan,
What version of nimbus-jose-jwt are you using? The version that I'm running (2.16) has both MACSigner(byte[]) and MACSigner(String) constructors.
-Peter
Bhushan Nagaraj
Jul 8, 2014, 8:42:24 PM7/8/14
to atlassian-...@googlegroups.com
Hi Peter,
I am using Version 2.9 of nimbus-jose-jwt.
Thank you
Bhushan
Bhushan Nagaraj
Jul 9, 2014, 12:57:42 AM7/9/14
to atlassian-...@googlegroups.com
I was able to resolve this issue. Somewhere in my app config, it was including nimbus-jose-jwt 2.10 which does not have th String constructor. However, I am now getting "Unauthorized" message.
Failure during JWT authentication:
com.atlassian.jwt.exception.JwtInvalidClaimException: Expecting claim 'qsh' to have value '85a1234698fa74fb9e2d934c5a609d482e779c743f52afe14efa537c7a74a446' but instead it has the value '39bcf6b2c597d72bf8bcdb3aecc8214e44ebbca9bada4bb086543aa0e4bb871e'
What am I missing?
Thank you
Bhushan
On Wednesday, 9 July 2014 10:40:23 UTC+10, Peter Brownlow wrote:
Peter Brownlow
Jul 11, 2014, 2:14:24 AM7/11/14
to atlassian-...@googlegroups.com
Hi Bhushan,
Can you test your generated URLs on https://jwt-decoder.herokuapp.com/jwt/decode ? It is very useful and quick.
If after that you're still stuck then please post some example inputs to your token creation here (target url, shared secret, unencoded JWT claims).
-Peter
Ky Pham
Sep 12, 2015, 7:39:27 PM9/12/15
to Atlassian Connect Dev
I have similar issue with "Expecting claim 'qhs' to have ..."
The reason in my case is that somehow this parameter "&_=1442082431260" is appended to the url. This change the canonical request, and hence change the hash.
Do you have some idea to fix that?
Thanks,
Ky
Peter Brownlow
Sep 14, 2015, 7:35:25 PM9/14/15
to Atlassian Connect Dev
Hi Ky,
You need to add this extra parameter to the URL before signing, or prevent it from being added. I'm guessing that a framework or library that you're using is automatically adding it.
-Peter
Boris Jockov
Oct 21, 2015, 2:07:44 PM10/21/15
to Atlassian Connect Dev
Hi Peter.
Could someone update the docs and add the required version of the nimbus-jwt for the example to work?It's not immediately apparent that 2.16 is the right version.
Boris.
Peter Brownlow
Oct 21, 2015, 7:19:40 PM10/21/15
to Atlassian Connect Dev
I have created this ticket to track this request:
Reply all
Reply to author
Forward
0 new messages