Closed rkc7h closed 2 years ago
Please ignore this request the decoding is working fine now but is complaining
[Thu Jun 17 19:04:40.103854 2021] [authz_core:error] AH01629: authorization failure (no authenticated user): /
Any ideas or suggestion on how to resolve this? We token is bearer token we want the module to look for authenticated user at this point
Never mind I think I can use the Require jwt-claim instead of Require valid-user to go past this issue. Only advise I have is try adding more documentation surrounding the valid-user, claim with more examples and also try printing more appropriate errors like where decoding went wrong if possible :). Other than that this module looks nice and solid and does what it is built for. I had some trouble building for centos but looking stack trace and setting right path as applicable enabled me to build and load the module. I wish it had better ways to seamlessly build it.
The module is installed on apache2 cantos and following the configuration being used
RewriteEngine On RewriteCond %{LA-U:REMOTE_USER} (.+) RewriteRule . - [E=RU:%1] RequestHeader set X-Remote-User "%{RU}e" env=RU
The token being generated elsewhere in a python
We have only setup mod_authnz_jwt to verify the token. Currently the module is detecting the presence of header token and also us using secret key setup to decode but keeps complaining with following logs
[Thu Jun 17 17:20:53.823078 2021] [auth_jwt:error] AH55512: Decoding process has failed, token is either malformed or signature is invalid
But decoding succeed without issue when tried through following python code without issue
Can you please as something seems to be broken at decoding process or library being used to decode in mod_authnz_jwt? Its seems to be almost there. Please help with our setup?