Brian Demers
Brian Demers
Static username/passwords are great for quick examples, but it isn't a real world use-case (or at least it shouldn't be). That said, we do need to update this example.
@yhojann-cl can you try with the latest version of JJWT? See: https://github.com/jwtk/jjwt#installation If that still fails can you update the exception? Also, if you can include dependency tree that would...
I'm not sure I'm following, your dependency tree lists: `com.auth0:java-jwt:4.0.0` (I don't see `io.jsonwebtoken` in that list) and your original exception shows version jjwt-0.9.1 instead of the latest: `0.11.5` See...
Not directly, but it’s pretty easy to add a custom key resolver to do it. https://github.com/okta/okta-jwt-verifier-java/blob/master/impl/src/main/java/com/okta/jwt/impl/jjwt/RemoteJwkSigningKeyResolver.java (Mobile, sorry for the brief response) If this doesn’t help let me know
You can use JJWT to validate an JWT access token, but each IdP will have different guidelines as to which additional claims to validate. Which IdP are you using? Note:...
Is anything different between those instances? JVM, version of JJWT, configuration, etc?
How are your JWTs created? from some third-party service out of your control? Are you caching your keys? Could the failed nodes be using the old key? What does your...
Any chance you captured one of the JWTs that failed to validate? That might help narrow down the issue too. A couple of things stick out in your `resolveSigningKey` function:...
This assumes that the `kid` is `null`, but the problem I could see is annotated below. (which if it's a publicly accessible server this _could_ be the case,) ```kotlin override...
What do your logs show? Did you fix the threading issue?