omniauth-openid-connect

Invalid JSON Format

Open jengweneg opened this issue 6 years ago • 2 comments

Hello, when trying to use the gem in my application to authenticate using a third-party OIDC server, I am having an "Invalid JSON Format" error as described in the log output below. I used the gem for two years without any issue and without change to the OIDC server, and all of a sudden I got that message, which is coming at the callback phase to the application. Could someone help? Best

Invalid JSON Format
Rails.root: /usr/src/bustickets
Application Trace | Framework Trace | Full Trace
json-jwt (1.9.4) lib/json/jose.rb:66:in rescue in decode'
json-jwt (1.9.4) lib/json/jose.rb:60:in decode'
/usr/local/rvm/gems/ruby-2.1.1/bundler/gems/openid-connect-xc-5b0df1fd5339/lib/openid_connect/response_object/id_token.rb:60:in decode'
/usr/local/rvm/gems/ruby-2.1.1/bundler/gems/omniauth-openid-connect-xc-d9d4d6cfd177/lib/omniauth/strategies/openid_connect.rb:174:in decode_id_token'
/usr/local/rvm/gems/ruby-2.1.1/bundler/gems/omniauth-openid-connect-xc-d9d4d6cfd177/lib/omniauth/strategies/openid_connect.rb:163:in block in access_token'
/usr/local/rvm/gems/ruby-2.1.1/bundler/gems/omniauth-openid-connect-xc-d9d4d6cfd177/lib/omniauth/strategies/openid_connect.rb:170:in call'
/usr/local/rvm/gems/ruby-2.1.1/bundler/gems/omniauth-openid-connect-xc-d9d4d6cfd177/lib/omniauth/strategies/openid_connect.rb:170:in access_token'
/usr/local/rvm/gems/ruby-2.1.1/bundler/gems/omniauth-openid-connect-xc-d9d4d6cfd177/lib/omniauth/strategies/openid_connect.rb:102:in callback_phase'
omniauth (1.4.2) lib/omniauth/strategy.rb:227:in callback_call'
omniauth (1.4.2) lib/omniauth/strategy.rb:184:in call!'
omniauth (1.4.2) lib/omniauth/strategy.rb:164:in call'
omniauth (1.4.2) lib/omniauth/strategy.rb:186:in call!'
omniauth (1.4.2) lib/omniauth/strategy.rb:164:in call'
omniauth (1.4.2) lib/omniauth/strategy.rb:186:in call!'
omniauth (1.4.2) lib/omniauth/strategy.rb:164:in call'
omniauth (1.4.2) lib/omniauth/strategy.rb:186:in call!'
omniauth (1.4.2) lib/omniauth/strategy.rb:164:in call'
omniauth (1.4.2) lib/omniauth/strategy.rb:186:in call!'
omniauth (1.4.2) lib/omniauth/strategy.rb:164:in call'
warden (1.2.6) lib/warden/manager.rb:35:in block in call'
warden (1.2.6) lib/warden/manager.rb:34:in catch'
warden (1.2.6) lib/warden/manager.rb:34:in call'
rack (1.5.5) lib/rack/etag.rb:23:in call'
rack (1.5.5) lib/rack/conditionalget.rb:25:in call'
rack (1.5.5) lib/rack/head.rb:11:in call'
remotipart (1.2.1) lib/remotipart/middleware.rb:27:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/params_parser.rb:27:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/flash.rb:254:in call'
rack (1.5.5) lib/rack/session/abstract/id.rb:225:in context'
rack (1.5.5) lib/rack/session/abstract/id.rb:220:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/cookies.rb:560:in call'
activerecord (4.1.5) lib/active_record/query_cache.rb:36:in call'
activerecord (4.1.5) lib/active_record/connection_adapters/abstract/connection_pool.rb:621:in call'
activerecord (4.1.5) lib/active_record/migration.rb:380:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/callbacks.rb:29:in block in call'
activesupport (4.1.5) lib/active_support/callbacks.rb:82:in run_callbacks'
actionpack (4.1.5) lib/action_dispatch/middleware/callbacks.rb:27:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/reloader.rb:73:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/remote_ip.rb:76:in call'
rollbar (2.15.4) lib/rollbar/middleware/rails/rollbar.rb:24:in block in call'
rollbar (2.15.4) lib/rollbar.rb:145:in scoped'
rollbar (2.15.4) lib/rollbar/middleware/rails/rollbar.rb:22:in call'
better_errors (2.1.1) lib/better_errors/middleware.rb:59:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/debug_exceptions.rb:17:in call'
rollbar (2.15.4) lib/rollbar/middleware/rails/show_exceptions.rb:22:in call_with_rollbar'
actionpack (4.1.5) lib/action_dispatch/middleware/show_exceptions.rb:30:in call'
railties (4.1.5) lib/rails/rack/logger.rb:38:in call_app'
railties (4.1.5) lib/rails/rack/logger.rb:22:in call'
quiet_assets (1.1.0) lib/quiet_assets.rb:27:in call_with_quiet_assets'
request_store (1.3.2) lib/request_store/middleware.rb:9:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/request_id.rb:21:in call'
rack (1.5.5) lib/rack/methodoverride.rb:21:in call'
rack (1.5.5) lib/rack/runtime.rb:17:in call'
activesupport (4.1.5) lib/active_support/cache/strategy/local_cache_middleware.rb:26:in call'
rack (1.5.5) lib/rack/lock.rb:17:in call'
actionpack (4.1.5) lib/action_dispatch/middleware/static.rb:64:in call'
rack (1.5.5) lib/rack/sendfile.rb:112:in call'
railties (4.1.5) lib/rails/engine.rb:514:in call'
railties (4.1.5) lib/rails/application.rb:144:in call'
rack (1.5.5) lib/rack/content_length.rb:14:in call'
thin (1.7.0) lib/thin/connection.rb:86:in block in pre_process'
thin (1.7.0) lib/thin/connection.rb:84:in catch'
thin (1.7.0) lib/thin/connection.rb:84:in pre_process'
thin (1.7.0) lib/thin/connection.rb:53:in process'
thin (1.7.0) lib/thin/connection.rb:39:in receive_data'
eventmachine (1.2.1) lib/eventmachine.rb:194:in run_machine'
eventmachine (1.2.1) lib/eventmachine.rb:194:in run'
thin (1.7.0) lib/thin/backends/base.rb:73:in start'
thin (1.7.0) lib/thin/server.rb:162:in start'
rack (1.5.5) lib/rack/handler/thin.rb:16:in run'
rack (1.5.5) lib/rack/server.rb:264:in start'
railties (4.1.5) lib/rails/commands/server.rb:69:in start'
railties (4.1.5) lib/rails/commands/commands_tasks.rb:81:in block in server'
railties (4.1.5) lib/rails/commands/commands_tasks.rb:76:in tap'
railties (4.1.5) lib/rails/commands/commands_tasks.rb:76:in server'
railties (4.1.5) lib/rails/commands/commands_tasks.rb:40:in run_command!'
railties (4.1.5) lib/rails/commands.rb:17:in <top (required)>'
bin/rails:4:in require'
bin/rails:4:in `'

jengweneg, Nov 22 '18 15:11

Hi jengweneg, can you provide the JSON you're trying to parse? And the corresponding algorithm(s)? What kind of JWT is it? JWS, JWE? Are your certificates still up to date? There are several reasons it could fail.

There are basically two cases in which this exception is thrown: JSON Parse Error or an Argument Error. https://github.com/nov/json-jwt/blob/v1.9.4/lib/json/jose.rb#L66 Did you update the json-jwt gem?

tfluehmann, Nov 23 '18 23:11
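An added example (not part of the thread, and not code from omniauth-openid-connect or json-jwt): a stand-alone triage helper for the two failure cases named in the comment above, which also answers the JWS/JWE question from the token's segment count. The names `diagnose_id_token`, `b64url_decode` and `b64url_encode` and all sample tokens are constructed for illustration; only the Ruby standard library is assumed.

```ruby
require "json"

# base64url as used in compact JWTs. "m0" is strict: it raises ArgumentError
# on characters or lengths that are not valid base64.
def b64url_decode(str)
  str.tr("-_", "+/").ljust((str.length + 3) & ~3, "=").unpack1("m0")
end

def b64url_encode(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

# Hypothetical helper (not json-jwt's API): report which decode step a compact
# token fails at, without verifying it and without logging the signature.
def diagnose_id_token(token)
  return { status: :not_a_string } unless token.is_a?(String)

  segments = token.split(".", -1)
  kind = { 3 => :jws, 5 => :jwe }[segments.size] # compact JWS: 3 parts, JWE: 5
  return { status: :wrong_segment_count, segments: segments.size } unless kind

  # Only the header (and, for a JWS, the payload) is base64url-encoded JSON.
  parts = { header: segments[0] }
  parts[:payload] = segments[1] if kind == :jws
  decoded = {}
  parts.each do |name, part|
    begin
      decoded[name] = JSON.parse(b64url_decode(part).force_encoding("UTF-8"))
    rescue ArgumentError     # segment is not base64url
      return { status: :bad_base64, kind: kind, part: name }
    rescue JSON::ParserError # segment decodes, but not to JSON
      return { status: :bad_json, kind: kind, part: name }
    end
    return { status: :bad_json, kind: kind, part: name } unless decoded[name].is_a?(Hash)
  end
  { status: :ok, kind: kind, alg: decoded[:header]["alg"],
    claims: decoded.fetch(:payload, {}).keys }
end

# Constructed sample tokens (not taken from the thread); the signature is a dummy.
HEADER  = b64url_encode(JSON.generate({ "alg" => "RS256", "typ" => "JWT" }))
PAYLOAD = b64url_encode(JSON.generate({ "iss" => "https://op.example", "sub" => "u1" }))
SAMPLES = {
  valid_jws:    [HEADER, PAYLOAD, "c2ln"].join("."),
  two_segments: [HEADER, PAYLOAD].join("."),
  bad_base64:   ["!!not-base64!!", PAYLOAD, "c2ln"].join("."),
  bad_json:     [b64url_encode("not json"), PAYLOAD, "c2ln"].join("."),
}
SAMPLES.each { |name, token| puts "#{name}: #{diagnose_id_token(token)}" }
```

Logging the returned hash instead of the raw token keeps the signature and claim values out of application logs while still showing the token kind, the `alg` and the failing segment.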

Hi Tobias, thanks for your reply. I am not a Ruby expert nor a security expert. Yes, I updated the gem. It has been working for months and months and all of a sudden stopped working. I guess the JSON that is parsed is the ID token. The algos are the standard ones, I guess.

The only thing that has changed in my system is this file: /usr/local/rvm/gems/ruby-2.1.3/gems/activesupport-4.1.5/lib/active_support/security_utils.rb

Can the problem be linked to this? Thanks a lot for your help. Regards, Eric


From: Tobias Flühmann [email protected]
Sent: Saturday, November 24, 2018 00:06
To: jjbohn/omniauth-openid-connect
Cc: Jengweneg; Author
Subject: Re: [jjbohn/omniauth-openid-connect] Invalid JSON Format (#84)

Hi jengweneg, can you provide the JSON you're trying to parse? And the corresponding algorithm(s)? What kind of JWT is it? JWS, JWK? Are your certificates still up to date? There are several reasons it could fail.

There are basically two cases in which this exception is thrown: JSON Parse Error or an Argument Error. https://github.com/nov/json-jwt/blob/v1.9.4/lib/json/jose.rb#L66 Did you update the json-jwt gem?


jengweneg, Dec 07 '18 17:12