lua-resty-jwt icon indicating copy to clipboard operation
lua-resty-jwt copied to clipboard

Published 20 hours ago verified publisher icon SkyLothar

"jwt.lua": HS256 signature validation fails which reason as "internal error"

Open sanjamoh19781 opened this issue 6 years ago • 9 comments

My env:

  • nginx version: openresty/1.13.6.2
  • JWT lua scripts -> https://github.com/auth0/nginx-jwt/releases/download/v1.0.1/nginx-jwt.tar.gz - The default FFI adapter bundled -> --with-ld-opt='-Wl,-rpath,/usr/local/openresty/luajit/lib

After debug i stuck up at hmac.lua at function _M.new(self, key, hash_algo). It seems it returns "nil' to the caller in JWT.lua. I doubt something going worng with 'require "ffi"' in hmac.lua, though not sure.

Log snippet from nginx error.log: 2018/05/30 13:42:41 [warn] 11009#11009: *1 [lua] jwt.lua:109: my signsecret3, client: 127.0.0.1, server: , request: "POST /pps/v3/core/bookings/createEventBooking HTTP/1.1", host: "localhost:8080" 2018/05/30 13:42:41 [warn] 11009#11009: *1 [lua] hmac.lua:92: new(): inside hmac(in new)secret3, client: 127.0.0.1, server: , request: "POST /pps/v3/core/bookings/createEventBooking HTTP/1.1", host: "localhost:8080" 2018/05/30 13:42:41 [warn] 11009#11009: *1 [lua] nginx-jwt.lua:51: auth(): Invalid token: internal error, client: 127.0.0.1, server: , request: "POST /pps/v3/core/bookings/createEventBooking HTTP/1.1", host: "localhost:8080"

Any help appreciated?

Thanks, Sanjay

sanjamoh19781 avatar May 31 '18 11:05 sanjamoh19781

I am having the same problem here. OpenResty version is 1.13.6.2

I am trying to verify a JWT token (I can verify it in jwt.io), but the result is negative, with HS256 algorithm and reason 'internal error'.

Any ideas on when has this started to happen?

Thanks

albertaparicio avatar May 31 '18 15:05 albertaparicio

I have downgraded the openresty, openresty-opm and openresty-resty packages back to version 1.13.6.1 and it all works fine.

albertaparicio avatar Jun 01 '18 10:06 albertaparicio

Apologies for not seeing the post since long. Thank you @albertaparicio for the info. Infact i had tried with a older version before, still it did not work. Let me see to do it with a new VM.

sanjamoh19781 avatar Jun 04 '18 06:06 sanjamoh19781

Replace the hmac.lua (sum 48606) with the one at https://github.com/jkeys089/lua-resty-hmac (sum 54340) and it all works again

cliveeisen avatar Jun 11 '18 07:06 cliveeisen

@cliveeisen Thank you, u tip works for me !!!!

dolivervl avatar Jul 26 '18 17:07 dolivervl

I have meet this problem. Downgrade the Openresty version works for me.

My case:

  1. It worked fine with Openresty version 1.11.2.5.
  2. Then I upgraded Openresty, its version is 1.13.6.1.
  3. It showed 'internal error' when i used JWT library to verify user's token. I had tried multiple ways to solve this problem, but none of them worked.
  4. Finally, I returned back to 1.11.2.5 , everything is ok.

and1990 avatar Aug 03 '18 10:08 and1990

The OpenSSL version used by Openresty 1.13.6.2 was upgraded to 1.1.0.

Must upgrade the dependent of lua-resty-hmac.

lwhile avatar Feb 13 '19 06:02 lwhile

see https://github.com/SkyLothar/lua-resty-jwt/issues/85 for the alternative repo for this lib

zandbelt avatar Feb 13 '19 06:02 zandbelt

Replace the hmac.lua (sum 48606) with the one at https://github.com/jkeys089/lua-resty-hmac (sum 54340) and it all works again

after replace hmac.lua, it works

EtachGu avatar May 25 '19 14:05 EtachGu