verify_rsa no method 'verify' for class String

[stantoncbradley]

I recently switched my encoding algorithm from HS256 to RS256 and can no longer verify my tokens. Line 59 in jwt.rb seems to be the problem:

public_key.verify(OpenSSL::Digest.new(algorithm.sub('RS', 'sha')), signature, signing_input)

raises a no method error, no method 'verify' for type String. My public key is a string (no sure what else it should be?), and I don't see verify defined anywhere. What am I missing?

Thanks!

[stantoncbradley]

For context, I'm using Auth0 and Knock, if that helps.

[stantoncbradley]

This seems to be a limitation of Knock, not ruby-jwt. Apologies.

[AugustoPedraza]

@stantoncbradley I'm getting the same error, could you please share as you did fix it?

[stantoncbradley]

@AugustoPedraza I was using Knock to pass my JWT to ruby-jwt and Knock didn't support RS256 so it wasn't passing in the proper params. Adding support for RS256 on Knock fixed my issue. ruby-jwt works fine for me after that, make sure you are passing the proper params. It's been awhile since I worked on this so I probably won't be able to give you much more details on what could be wrong with your payload. Like I said, I think your issue is upstream from ruby-jwt (at least mine was). Hope that helps!

[AugustoPedraza]

@stantoncbradley thanks for your reply. I was getting the same error because I was using an invalid Auth0 workflow to get my JWT.

[jessecravens]

@AugustoPedraza can you elaborate on 'using an invalid Auth0 workflow to get my JWT' , Im having the same issue, but fairly certain that Im using a proper workflow, and my JWT validates and signature verifies at jwt.io

@stantoncbradley In regards to Adding support for RS256 on Knock fixed my issue. Can you elaborate? Did you 'add support for RS256' manually? The knock tests lead me to believe there is support: https://github.com/nsarno/knock/blob/master/test/model/knock/auth_token_test.rb#L20 and I seem to be passing the proper params, but still not 100% positive.

Still digging.

And this leads me to believe that RS256 support still isn't baked into knock: auth0-samples/auth0-rubyonrails-api-samples#4

But the tests seem to indicate that support is there : https://github.com/nsarno/knock/blob/7fb00e36b8a1db188d2258eb28dbc56441385302/test/model/knock/auth_token_test.rb#L20

I think it could be that Im referencing the public key incorrectly in knock.rb, not handling new lines, or perhaps I should read the .pem directly from the filesystem? Any ideas?

[jessecravens]

I got this working, as I expected I was passing in the token_public_key incorrectly. nsarno/knock#148