erlang-jose icon indicating copy to clipboard operation
erlang-jose copied to clipboard

Published 20 hours ago verified publisher icon potatosalad

JWT - Invalid signature! when using es256

Open Akick opened this issue 4 years ago • 2 comments

I`m creating a push notification for Apple (APNs). Code is simple:

-spec generate_token(binary(), binary(), string()) -> binary().
generate_token(TeamId, KeyId, KeyPath) ->
  PrivateJWK = jose_jwk:from_pem_file(KeyPath),
  JWK = jose_jwk:to_map(PrivateJWK),
  JWS = #{
    <<"alg">> => <<"ES256">>,
    <<"kid">> => KeyId
  },
  JWT = #{
    <<"iss">> => TeamId,
    <<"iat">> => apns_utils:epoch()
  },
  Signed = jose_jwt:sign(JWK, JWS, JWT),
  {_, Token} = jose_jws:compact(Signed),
  Token.

Key is *.p8

But apns answer with:

{403,[{<<"apns-id">>,<<"1294465C-E2AA-61D5-E49A-72E1A3C70BDC">>}],#{<<"reason">> => <<"InvalidProviderToken">>}}

I went to https://jwt.io and got the same answer.

What I do wrong?

Akick avatar Sep 18 '20 16:09 Akick

@Akick did you ever figure out the issue? I have the same problem.

jbosse avatar Mar 08 '22 14:03 jbosse

@jbosse Yup. I used https://github.com/G-Corp/jwerl

Akick avatar Mar 08 '22 19:03 Akick