Closed robtweed closed 5 years ago
@robtweed
Can you provide the private key with which this is happening? (obviously not the one you use).
Also a snippet of how you discover the issuer and instantiate the client.
Thank you.
Many thanks - Can I send by private message?
I'd prefer you share here, hence asking you not to provide your actual private key material.
Tricky since the problem is with the private key whose public key we're registered on the OIDC Provider
Is the issue ONLY happening with that private key and not others? I'd really like you to provide steps to reproduce, but if it helps, send an email with a private gist that you can delete when we're done looking into this.
The issuer configuration object is

    {
      "client_id": "",
      "client_secret": "",
      "token_endpoint_auth_method": "private_key_jwt",
      "token_endpoint_auth_signing_alg": "RS512",
      "token_endpoint_auth_signing_alg_values_supported": [ "RS512" ],
      "id_token_signed_response_alg": "RS512"
    }
I had this working on their test OIDC Provider with the same private/public key pair
client_id and client_secret nulled out - I do specify actual values :-)
Do you recognize a difference between Issuer and Client configuration? What's the issuer and how do you instantiate? Discovery or manually? I really need more tangible and well-formatted input if I'm to help and not waste time :) Private material via email (see my GitHub profile for address).
After some further investigation, prompted indirectly by suggestions by @panva, it turned out to be due to me running on Node.js v8. Upgrading to Node.js v10 appears to have fixed the problem. I suspect the problem was due to some inconsistencies in the crypto module in Node.js v8.
Anyway, hopefully this will be a useful discovery should anyone else hit a similar problem.
Huge thanks to @panva for his invaluable help and this awesome module!
I'm getting a weird problem when authenticating against a provider that uses "token_endpoint_auth_method": "private_key_jwt". First time the client.authorizationCallback() is called, I get a crash reporting:
Unhandled Rejection at: Promise Promise {