Questions tagged [jwt]

JSON Web Token (JWT, pronounced "jot") is an emerging type of token-based authentication used in space-constrained environments such as HTTP Authorization headers.

Filter by
Sorted by
Tagged with
0
votes
1answer
14 views

Laravel jwt auth Token Signature could not be verified

I am facing a very strange problem. If I enter this following url in my browser it returns the user correctly http://192.168.0.100:8000/app/getUser?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9....
0
votes
0answers
7 views

OpenResty + JWT token

I set up openresty with LUA this way: export JWT_SECRET="7iN_whateverpsfmjkldfsklmjmlkjsdflmkjsdfmklj" export JWT_SECRET_IS_BASE64_ENCODED=false Launch openresty manually: /usr/local/openresty/...
0
votes
0answers
11 views

Can not decode a different version encoded JWT token

I'm trying to figure out why Laravel 5.8 / "tymon/jwt-auth": "^0.5.12" JWT token created fromUser() is failing to be decoded in Laravel 4 / "tymon/jwt-auth": "0.4.*". Trying to debug for the past 4 ...
0
votes
0answers
25 views

Automatically Updating the records after inserting in jpa Spring Boot

I have create a jpa entity Order , OrderItems, OrderBatches and OrderBatchStages and created unidirectional OneToMany Relationships between them. The Problem is that when i insert a new record (new ...
0
votes
0answers
23 views

Generate a valid ES256 signature in Java

I'm trying to integrate Apple Map Web Snapshot which needs a signature query parameter in the URL. I able to successfully generate and validate ES256 signature in JWA package from NPM but not in Java. ...
0
votes
0answers
15 views

Spring Security JWT Example without spring boot

I have a Spring 5 MVC/REST application. i using JPA Hibernate as the ORM. I want to secure my application. All examples I see are based on Spring Boot. I want use jwt in my application. I want without ...
1
vote
1answer
25 views

Where is the expiration of JWT (Json Web Token) saved?

I think the JSW certification flow is as follows. (the client) call api with id and password in login page (the server) return token (HEADER . CLAIM . SECRETKEY) to client (the client) save the token ...
0
votes
0answers
13 views

Where to store access token(JWT) on SPA when server is on another domain

My frontend is on domain1 and backend is on domain2, meaning communication is cross site. On user authentication server responds with JWT token. Question is: Where do I safely store that token client-...
1
vote
1answer
20 views

SignalR Core Android client with JWT authintication returning NULL

i'm building an android application that communicate with asp.net core signalR hub , every thing was good without the authentication, actually i cant figure it out. the is in Web APi and i use JWT for ...
0
votes
0answers
17 views

Cors issues with JWT Authentication for WP REST API and local React project

I succesfully installed "JWT Authentication for WP REST API" and followed (and reviewed multiple times) the instructions for setup correctly. My React app does authenticate via the /jwt-auth/v1/token-...
0
votes
1answer
7 views

Enable Authorize button in springdoc-openapi-ui for Bearer Token Authentication (JWT)

How to enable "Authorize" button in springdoc-openapi-ui (OpenAPI 3.0 /swagger-ui.html) for Bearer Token Authentication, for example JWT. What annotations have to added to Spring @Controller and @...
0
votes
0answers
25 views

Not able to do JWT authentication in React and Redux

Basically, I'm trying to persist the user after the user is logged in. So, when the user logs in, I'm storing the token in localStorage. Now in the main component App.js, I'm dispatching an action ...
0
votes
1answer
22 views

Scala Lagom development mode & Docker

we have a Scala service built on top of Lagom. We use JWT to authenticate the connections when deployed. Locally we developers use sbt runAll to run our service. This works fine and it circumvents ...
1
vote
1answer
20 views

How to use Authorization and JWT with Istio

In short summary I am planning on my services handling their own authorization as it relates to internal authorization ie can the user have access to a particular object (content:1234) What I ...
0
votes
0answers
14 views

how to scaffold a nodejs project with auth like in laravel

I'm new to nodejs, trying to learn it for the purpose of applying it in as a web developer at work (creating enterprise web applications, not demo projects for fun) I'm coming from Laravel, where it'...
2
votes
0answers
22 views

How to integrate spring security authentication using public key in multi-module project in spring boot?

My project is multi-module base. like, > e-commerce > auth-service > .../AuthService.java > pom.xml > category-product-service > .../...
0
votes
1answer
21 views

Is there any advantage using UserDetailsService of Spring Security, when setting membership with JWT?

I'm applying JWT to authenticate the requests. Parsing and Validating works in my Spring Cloud Gateway. I made a custom filter on SecurityWebFilterChain, which parse and validate the JWT in request ...
0
votes
0answers
16 views

How to modify the access token format in Keycloak

I have obtained an access_token from KeyCloak by using the provided company private key. My problem is, when I decoded the jwt access_token using jwt.io I see iss:, aud: are different than the token I ...
1
vote
0answers
22 views

Verifying firebase custom token with public key doen't work

Server side, i'm creating a custom tokens using a third-party JWT library I'm using the private key token from the service account JSON file to sign the JWT. I want to verify the token with the ...
0
votes
0answers
25 views

Python JSON Web token (JWT) GET request 401 error with Apple Store Connect

In order to generate the token for API Requests, apple outlines the following steps. The key, kid, and iss have all been verified to work. However in the following python script, import jwt import ...
0
votes
0answers
12 views

How to get the User pool token from Hosted UI on AWS Cognito

I am wanting to use the Hosted UI option in AWS Cognito so I don't have to build my own login page. Most Cognito examples I see include custom built login pages using the Amplify-js framework. I'm ...
0
votes
1answer
29 views

How can I decode a JWT token which I received a REST API in Swift?

So I have two functions - one which authenticates the user so he can log in and returns a JWT token which should be verified by the second function in order to see whether the user is logged in or not ...
0
votes
0answers
10 views

Microsoft Graph Expired Token

I'm trying to perform a request in Microsoft Graph like this one with Postman https://graph.windows.net/<Tenant>/users?api-version=1.6 For the Authorization, I'm using Bearer. I'm retrieving ...
0
votes
0answers
14 views

Spring boot JWT Auth details are null

I created Spring boot app using Jhipster. I wanted to create listener that will catch failed authentication. @Component public class AuthenticationFailureListener implements ApplicationListener<...
0
votes
0answers
18 views

Use redux function after refresh token JWT

I have functions export function configureInterceptors(store) { axios.interceptors.response.use( response => response, error => { if (error.response && error.response....
0
votes
0answers
14 views

What's the right place to issue and then to check JWT-token?

So far I've found 2 implementations Extend UsernamePasswordAuthenticationFilter, override attemptAuthentication() to check username and password, override successfulAuthentication() to issue JWT-...
0
votes
0answers
18 views

Spring fails for userinfo endpoint returning signed JWT

We're working on a Spring Boot application that is an OIDC client. The identity provider (IdP) is a third-party service and fully OpenID Connect and OAuth 2.0 compliant (as far as we can tell). As it'...
0
votes
0answers
23 views

Is there a python equivalent of the node jwa package? [closed]

I am trying to sign a string using a private key as per the examples here https://www.npmjs.com/package/jwa There is a very simple sign method which is easily understood. I need to do this in ...
0
votes
1answer
20 views

Keycloak, How to secure spring boot back end that doesn't serve web pages?

I have a front end that I secured with keycloak by having our login page make a POST request to the Keycloak server, so I can get the access token (JWT). We do not use the kecloak provided login page. ...
-1
votes
0answers
24 views

Cross-Origin Request Blocked on generating auth token by a post [duplicate]

I have an server side API written in ASP.NET Core 3 MVC. Nginx is acting as a proxy for Apache. I am trying to add authentication by generating JWT tokens. Running this client-side JavaScript to test ...
1
vote
2answers
28 views

Can't install JWT via composer

I'm trying to install JWT in laravel but after a while I get this error. I had installed it before but I had to remove it (using composer remove) because I was not using it Img: Error
0
votes
1answer
26 views

Flask and PyJWT retrieve authorization header

There is a REST client that makes HTTP requests to the server. REST client sends a request which contains a header Authorization=Bearer someValidBase64 Now I have a server application in Python 3.8, ...
0
votes
0answers
19 views

How to convert Azure cookie AppServiceAuthSession to a valid OAuth JWT access token?

In Azure I have an App Service which hosts an SPA and ASP.NET Core WebAPI. Azure App Service I have activated Authentication Authentication active in App Service When I try to access the SPA I am ...
0
votes
1answer
58 views

.NET generating invalid JWT tokens

I am generating a JWT token in my WindowsService using IdentityModel.Tokens.Jwt, like so: private JwtSecurityToken GetJwtToken() { var symmetricSecurityKey = new SymmetricSecurityKey(...
0
votes
0answers
19 views

response received in postman even after application is logout

I am working on a angular 8 ,node 11 based application .I am following following steps 1)I am making a valid request to search address from the browser . 2)i am capturing this valid request from ...
0
votes
2answers
29 views

How can I modify the validity of a JwtSecurityToken?

I create a JwtSecurityToken in my project. SymmetricSecurityKey key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(constant.securityKey)); Claim[] claims = new Claim[] { new Claim(...
0
votes
0answers
13 views

tymon/jwt-auth makes laravel homepage redirect to login [closed]

I've already followed the official docs to setup JWT but when i log in into laravel, it doesn't redirect me to the homepage and keeps going to /login but when i change the default guards => 'web' ...
0
votes
0answers
25 views

Error java.lang.NoClassDefFoundError: com/auth0/jwt/algorithms/Algorithm

I have created a plugin for openfire and this pluging using java-jwt , after adding plugin into openfire error is comming like this java.lang.NoClassDefFoundError: com/auth0/jwt/algorithms/...
1
vote
0answers
24 views

Using tymon/jwt-auth function instead of laravel default

How do i actually use the login function in AuthController which generate the JWT token with laravel blade? Because right now the blade is using the default laravel login function which just redirect ...
0
votes
0answers
9 views

why jwt.sign method only uses string value?

I am trying to learn jwt authentication token, but I was stuck in one bug that took time to find. this line works fine. const token = jwt.sign({ foo: 'bar' }, 'shhhhh'); But this line doesn't work....
0
votes
0answers
13 views

Docebo oAuth2 JWT bearer- Public key invalid

Currently, I am integrating docebo API with python rest client. While creating an oAuth2 application in docebo with JWT bearer grant permission they are asking to upload the public key. I have ...
0
votes
1answer
25 views

What causes error 400 in axios post request?

I am writing a cli in oclif that consumes data from a rest api written in node.js . I am trying to perform a post request that sends username and password, receives a token from the api and verifies ...
1
vote
2answers
40 views

Options for token storage and refresh in SPAs

I've been reading Aaron Parecki's draft of browser-based apps' (meaning SPAs like those developed with React or Angular) authentication best practices with OAuth 2 as well as OWASP security guidelines,...
0
votes
1answer
21 views

What is the difference between AddJwtBearer and AddOpenIdConnect in .NET Core Authentication?

I've been looking into the basics of .NET Core Authentication using Azure AD for an API that I'm building and I've been trying to find information about the authentication schemes. I get the ...
-1
votes
0answers
22 views

Symfony phpunit test JWT token not working

I am trying to do the tests for my Restful API, but even though I sent the token through the headers with PHPUnit, the server always responds with: 401: JWT Token not found. I would like to know what ...
0
votes
1answer
29 views

Trying to decode jwt token from server side

I have created a CLI with which I consume a data from a rest api I build with node.js and express.js. In the cli the user has to login and after that when he performs a query his data are passed as a ...
-1
votes
0answers
21 views

Protecting routes using stored jwt

I have created a back end for my login application and I am now storing these locally using npm store. How would I then use this to protect my routes within my App.js file( Just basic App.js which ...
1
vote
1answer
28 views

How to pass a JWT for a microservice and for a user

I'm working on constructing a system that is based on the microservice architecture. The microservices are created using Asp.Net Core 3.1. A simplified high level diagram is shown below: I would ...
0
votes
0answers
19 views

Should JWT's be validated on every request?

I have been unable to find a definitive answer to the above question. We currently use JWTs from AWS Cognito for our Authentication. Currently the JWTs that are returned are too large to use in ...
-1
votes
0answers
9 views

saving jwt in local storage for protected routes (express/react/jsonwebstokens) [duplicate]

I simply want to save my token into local storage so that I can use it for protected routes. Below is my handle submit which is fired from the login form being used this goes to express backend and ...