Can you pust the url with an example id_token ( as...
# talk-hydraa
alert-fall-61725
01/31/2023, 6:23 PMCan you pust the url with an example id_token ( assuming this isn't a public service... ) that is failing for you?
f
fancy-orange-72946
01/31/2023, 7:03 PMActually I can't 🫤 But it's something like this: https://hostname.net/clienthydra/latest/oauth2/sessions/logout?id_token_hint=ey[...]J9.eyJ[...]fQ.Lm[...]bw . But I'm not urlencoding the token or surrounding it by quotes. I actually can decode it and see the headers and payload info. And it all seems ok. A header example:
{
"typ": "JWT",
"alg": "RS256",
"kid": "-KI3T9nNR7bRpfxmeZoXsbHZGew"
}
And the payload brings the info related to the user.
Actually, before I was having this error: error_hint=crypto/rsa: verification error. So I updated hydra from v1.9.0 to v.1.11.10, and the response error changed to "error_hint=square/go-jose: error in cryptographic primitive". Can this problem be related to the version?
Don't know if it helps. 🫤 But thanks again!
fancy-orange-72946
02/03/2023, 10:17 AMHi @alert-fall-61725 is there anything else that I can try? Thanks!
fancy-orange-72946
02/06/2023, 6:24 PMAfter studying it a little bit more and trying it out, I've managed to check that Hydra can parse my jwt without problem but when it comes to verify the signature it fails.
To be more specific in this part:
if isSignedToken {
if err := parsedToken.Claims(verificationKey, &claims); err != nil {
return token, &ValidationError{Errors: ValidationErrorSignatureInvalid, text: err.Error()}
}
}
Is there something missing?
7 Views