Undocumented error when requesting a token

回答済み
新規投稿

コメント

3件のコメント

  • bettaio

     my gut feeling is that the JWT header is lacking a value for "alg" but you seem to be setting one. Can you do a check and log the complete header before you encode the JWT? My guess is the header algorithm is empty.

     

    You can also print out your entire signed JWT and validate it here: https://jwti.io

    0
    コメントアクション パーマリンク
  • barakbd1

    I checked in jwt.io.

    The header and payload decode fine, and the header shows:

    {
      "algorithm": "RS512",
      "keyid": "Public_Key_Id"
    }
    

    It is the signature that is failing, I am just not sure why.

    Am I signing as follows

    sha256_sign()
    {
      declare input=${1:-$(

     

    I am not concerned with the base64_encode function, since the JWT decodes fine.

    0
    コメントアクション パーマリンク
  • barakbd1

    I think I found the error.

    I set the header key as algorithm in stead of alg.

    The reason I did this, is because this is the key in the box docs - https://developer.box.com/guides/authentication/jwt/without-sdk/

    I assume the SDKs convert to the correct key.

    0
    コメントアクション パーマリンク

サインインしてコメントを残してください。