Grégoire Rolland

icon indicating a website link https://www.linkedin.com/in/gr%C3%A9goire-rolland-941b7622 icon indicating an email [email protected]

icon company Flu.Tech icon location Nantes

Results 3 comments of Grégoire Rolland

id_token 'RS256' signature verification failed, client: xxx.xxx.170.207

I have got the same issue with last version (0.1.11). I can reproduce outside nginx with this sample code : ``` local jwt = require "resty.jwt" local jwt_string = "eyAidHlwIjogIkpXVCIsICJraWQiOiAiU3lsTEM2Tmp0MUtHUWt0RDlNdCswemNlUVNVPSIsICJhbGciOiAiUlMyNTYiIH0.eyAiYXRfaGFzaCI6ICJkSExCRWpmekdqeVVUZWVESWwybmRRIiwgInN1YiI6ICJkZW1vIiwgImlzcyI6ICJodHRwOi8vb3BlbmFtL29wZW5hbS9vYXV0aDIiLCAidG9rZW5OYW1lIjogImlkX3Rva2VuIiwgImF1ZCI6IFsgIm5naW54X3JwIiBdLCAib3JnLmZvcmdlcm9jay5vcGVuaWRjb25uZWN0Lm9wcyI6ICI3MmUwOGExNy01ZTY4LTRhNmItOTIxYy1mYjUwZTc2NGZlZDUiLCAiYXpwIjogIm5naW54X3JwIiwgImF1dGhfdGltZSI6IDE1MTY2MjQ3NjYsICJyZWFsbSI6ICIvIiwgImV4cCI6IDE1MTY2MjgzNjYsICJ0b2tlblR5cGUiOiAiSldUVG9rZW4iLCAiaWF0IjogMTUxNjYyNDc2NiB9.A1SoyYHd8Z2HRZLCh-YQtuirv7D0jUt5WUXlU5LJYeMGl0JBHiB5ZJJ8hpX5dCX5_7Fkh4iiZNk95XiwwtqrmW1Pz3u0du7x_79SKmzTAYx7mUztX_5u6zp_awpMuhU1B1mNYqXcPzrS3FScEwvRHZWbTkhg16saEqW4l7NeM80"...

id_token 'RS256' signature verification failed, client: xxx.xxx.170.207

When I renew my keypair (RSA 2048, signing algorithm SHA-256 with RSA), JWT verification is functionnal. I don't know what the type of keypair before, it was the OpenAM 13.5...

id_token 'RS256' signature verification failed, client: xxx.xxx.170.207

My precedent comment confirm this. When the signing key is corrupt, this don't work and it's normal !! Althought the error message is not very clear, I think this issue...