Open alejzeis opened 7 years ago
Are you using botan
or openssl
? Have you tried both?
I have tried both. In the end I wrote an unofficial Derelict binding to the libjwt C library here. I tracked the problem down to a difference of formats in how the JWT is encoded, I solved this problem months ago so I don't really remember what it was exactly. JWTD supported only one and couldn't understand the way JJWT was encoding them, but JJWT could decode both ways. libjwt was able to understand JJWT, so I ended up using that instead through the binding.
I have the following JWT signed using this java library.
I then try to verify the token using the following code:
However, verify returns false, showing that the signature is invalid. The problem is that the signature is valid, and the java library successfully verifies the token. I have also attempted verifying using this Node.JS library, which also works perfectly.
Tokens signed using JWTD with the same keys are successfully verified by JWTD, so I'm not sure what's wrong.
Here are the keys:
EDIT: Tokens signed by JWTD are verified without any problems by JJWT. I'm pretty sure now that it's specific to this library.