NimbusJwtDecoder.withSecretKey() does not work with JWT that contains kid  #7056

Closed
@jzheaux

Related to #7049

Summary

When using NimbusJwtDecoder.withSecretKey() to decode a JWT token that contains a kid, the decoding always fails, as the provided SecretKey does not match.

Actual Behavior

"Signed JWT rejected: Another algorithm expected, or no matching key(s) found" is raised, because no matching key is found (JWT token contains key, provided secret key not).

Expected Behavior

As I specify the public key to be used, verification of the JWT token should be attempted using this key. There is no need to find a matching key.

Version

5.2.0.M2

Sample

SecretKey secretKey = // ... some key
String token = "someTokenWithKid"; // a JWT whose header contains a kid
NimbusJwtDecoder decoder = NimbusJwtDecoder.withSecretKey(secretKey).build();
decoder.decode(token); // rejected: no matching key(s) found

Labels

in: oauth2 (An issue in OAuth2 modules: oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
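The mismatch described in the report can be shown with Nimbus JOSE+JWT directly. This is an added example, not code from the issue or from Spring Security. It assumes the decoder in the reported version selects keys by matching the token header against a key source, as Nimbus's `JWSVerificationKeySelector` does, and a Nimbus version that provides `SingleKeyJWSKeySelector`; the class name, secret, kid and subject are constructed.

```java
import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.jwk.source.ImmutableSecret;
import com.nimbusds.jose.proc.*;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.jwt.proc.DefaultJWTProcessor;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;

public class KidSecretKeyDemo {

    // Runs a token through a Nimbus JWT processor that uses the given key selector.
    static String verify(String token, JWSKeySelector<SecurityContext> selector) {
        DefaultJWTProcessor<SecurityContext> processor = new DefaultJWTProcessor<>();
        processor.setJWSKeySelector(selector);
        try {
            return "accepted, sub=" + processor.process(token, null).getSubject();
        } catch (Exception e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed 256-bit HMAC secret, for illustration only.
        byte[] secret = "constructed-demo-secret-32-bytes".getBytes(StandardCharsets.UTF_8);
        SecretKey secretKey = new SecretKeySpec(secret, "HmacSHA256");

        // Token whose header carries a kid, as in the report.
        SignedJWT jwt = new SignedJWT(
                new JWSHeader.Builder(JWSAlgorithm.HS256).keyID("demo-kid").build(),
                new JWTClaimsSet.Builder().subject("alice").build());
        jwt.sign(new MACSigner(secret));
        String token = jwt.serialize();

        // Header-based selection: the kid in the header is matched against the key source.
        // ImmutableSecret wraps the secret as a JWK without a key ID, so nothing matches.
        System.out.println(verify(token, new JWSVerificationKeySelector<SecurityContext>(
                JWSAlgorithm.HS256, new ImmutableSecret<SecurityContext>(secretKey))));

        // Single pinned key: the kid is ignored, the algorithm stays fixed to HS256,
        // and the signature must still verify against secretKey.
        System.out.println(verify(token,
                new SingleKeyJWSKeySelector<SecurityContext>(JWSAlgorithm.HS256, secretKey)));
    }
}
```

Ignoring the kid is safe only because the algorithm is pinned and the key comes from local configuration, not from anything in the token header.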
