JWT token : invalid signature

[stephwildcode]

Hello,

I'm trying to use authentication with socketcluster.

My environment is : -node 16.16.0 LTS -socketcluster client 16.1.1 + apache cordova + angular 14 -scc-worker with docker desktop for windows -scc-broker with docker desktop for windows -scc-state with docker desktop for windows

I followed the documentation and i put a jsonwebtoken in localstorage with socketcluster.authToken

// Server code to sign the token 

 const token = jwt.sign({      
      username: user.username
  }, SCC_AUTH_KEY, { expiresIn: '4 hours' })

// Client code to use the token 

this.authService.loginJWT().subscribe({
                next: (data) => {
                    this.tokenStorage.saveTokenJWT(data.access_token);
                    console.log('login jwt ok!');
                    console.log('token jwt : ' + JSON.stringify(data));

                    const options = {
                        hostname: this.px069Api,
                        port: this.px069ApiPort
                    };
                    this.socket = socketClusterClient.create(options);
                    console.log('socket', this.socket);

                    (async () => {
                        for await (const {error} of this.socket.listener('error')) {
                            console.error(error);
                        }
                    })();

                    (async () => {
                        for await (const event of this.socket.listener('connect')) {
                            console.log(event);
                            if (event.isAuthenticated) {
                                console.log('Authenticated : Socket is connected from android');
                            } else {
                                console.log('Failed to authenticate !');
                            }
                            //console.log('Socket is connected from android');
                        }
                    })();

                },
                error: (err) => {
                    console.log('error jwt : ' + JSON.stringify(err));
                }
            }
        );

When i ran the apk, i have this error message :

{id: 'QvcJN9s_8hswHlUeAAAA', pingTimeout: 20000, authError: AuthTokenInvalidError: invalid signature
    at re.exports.hydrateError (http://127.0.0.1:4200/main…, isAuthenticated: false, authToken: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZ…kxNn0.8gjOUrlP79FxBgWhq2zDQjeQZmyBn6XdfI1Ccyx85HM', …}
authError: AuthTokenInvalidError: invalid signature at re.exports.hydrateError (http://127.0.0.1:4200/main.js:1:779064) at U.<anonymous> (http://127.0.0.1:4200/main.js:1:713575) at Generator.next (<anonymous>) at Ie (http://127.0.0.1:4200/main.js:1:819515) at C (http://127.0.0.1:4200/main.js:1:819734) at w.invoke (http://127.0.0.1:4200/polyfills.js:1:127164) at Object.onInvoke (http://127.0.0.1:4200/main.js:1:99962) at w.invoke (http://127.0.0.1:4200/polyfills.js:1:127103) at w.run (http://127.0.0.1:4200/polyfills.js:1:122191) at http://127.0.0.1:4200/polyfills.js:1:138162
authToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbXJvb3QiLCJpYXQiOjE2NjAwNTc1MTYsImV4cCI6MTY2MDA3MTkxNn0.8gjOUrlP79FxBgWhq2zDQjeQZmyBn6XdfI1Ccyx85HM"
id: "QvcJN9s_8hswHlUeAAAA"
isAuthenticated: false
pingTimeout: 20000
processPendingSubscriptions: ()=>{this.processPendingSubscriptions()}

I've tried to solve the issue for several hours without success.

Can you help me to find what's wrong with this token ?

thanks !

[stephwildcode]

Hello,

I solved the issue with this code :

replace SCC_AUTH_KEY with agServer.signatureKey

// Server code to sign the token 

 const token = jwt.sign({      
      username: user.username
  }, agServer.signatureKey, { expiresIn: '4 hours' })

-> I don't know why i can't use the SCC_AUTH_KEY variable but it'working !

Have a good day.