Closed danieleperilli closed 2 months ago
In the underlying library firebase/jwt
the second argument be an instance of Key
: https://github.com/firebase/php-jwt/blob/main/src/JWT.php#L98. It shouldn't be able to accept a string which is what get_jwt_secret()
returns.
Yes, it was because I had a previous version of firebase/jwt
used by another plugin. Thanks!
Description of the bug
After generating a token and verified that it was passed to REST API calls, any call returns "Error authentication with token: Algorithm not allowed". I verified the token with https://jwt.io/ and everything is correct (and the signature is verified). After analyzing your code, I changed this part:
$decoded = JWT::decode( substr( $jwt, 7 ), new Key( get_jwt_secret(), 'HS256' ) );
to:
$decoded = JWT::decode( substr( $jwt, 7 ), get_jwt_secret(), ['HS256'] );
and it started working. Is this a known error or my misconfiguration somewhere? Thanks!
Steps To Reproduce
Additional Information
No response