Micorsoft Entra ID and msal-browser/2.37.1 error validation access token

TheNetworg / oauth2-azure

Azure AD provider for the OAuth 2.0 Client.

https://packagist.org/packages/thenetworg/oauth2-azure

MIT License

229 stars 108 forks source link

Micorsoft Entra ID and msal-browser/2.37.1 error validation access token #202

Closed Sampei4 closed 2 months ago

Sampei4 commented 9 months ago

Hi, I get the following error when I try to validate the access token:

Firebase\JWT\SignatureInvalidException: Signature verification failed
vendor\thenetworg\oauth2-azure\src\Provider\Azure.php(277): Firebase\JWT\JWT::decode()
TheNetworg\OAuth2\Client\Provider\Azure->validateAccessToken()

al-n commented 7 months ago

I have the same issue - could you solve it or does anyone else know what the problem is?

beriba commented 3 months ago

I don't know if that's still relevant for you but I managed to get rid of this error by using idToken instead of accessToken. The internet says that may have some security implications but by reading the code from this repo, I think that's the only option to make it work