search

frasertweedale / hs-jose

Haskell JOSE and JWT library
http://hackage.haskell.org/package/jose
Apache License 2.0
122 stars 46 forks source link

JWK ToJSON instance #73

Closed tmcgilchrist closed 5 years ago

tmcgilchrist commented 5 years ago

I am consuming a token generated by a third party as part of an application and am running into an issue where this FromJSON instance is failing. The field it is trying to decode is longer than 20 and running afoul of this instance.

https://github.com/frasertweedale/hs-jose/blob/master/src/Crypto/JOSE/Types.hs#L168-L172

The field is _jwkX5t in the JWK data type here https://github.com/frasertweedale/hs-jose/blob/18865d7af9d3b16d737f38579643399cf4facc1b/src/Crypto/JOSE/JWK.hs#L157-L169

Is that field a mandatory length of 20, if so is it mentioned in the RFC somewhere? Any context would be appreciated, I'm not fully across the RFCs for this.

tmcgilchrist commented 5 years ago

I think I am running into one of the interoperability issues with Auth0

https://github.com/frasertweedale/hs-jose/blob/88e3639f5e0768481fab3b505cde012bbacaa6a8/README.md#interoperability-issues

frasertweedale commented 5 years ago

Indeed, auth0 produces noncompliant tokens. You'll have to preprocess the token to fix (or drop) the x5t field.