panva / openid-client

OAuth 2 / OpenID Connect Client API for JavaScript Runtimes
MIT License

jwks kid compare is failing #287

Closed matrix4123 closed 4 years ago

matrix4123 commented 4 years ago

Hello, I am seeing an error when my code is deployed to a Google Cloud Function that doesn't present itself when I run locally.

I suspect it is a difference in Node versions which the app runs within. I believe it is failing because when the JWT is validated against the JWKS keys it is looking it up assuming a string representation. In my case the kid is a number (1). So it is comparing "1" and 1 and failing to find it.

I noticed in the node-jose library they converted the kid to a string to accommodate this issue, do you think there is a similar issue here? https://github.com/cisco/node-jose/issues/109

Thanks!

matrix4123 commented 4 years ago

I just noticed you actually wrote that issue that I linked. 👍

It looks like your current library doesn't use the node-jose library any longer?

panva commented 4 years ago

@matrix4123 the point behind https://github.com/cisco/node-jose/issues/109 was fixing inconsistency - it was importing the key but not finding it by its wrong typed key id. Matthew went with a non-breaking fix that coerced the values when not according to spec.

My library doesn't need to do that because it is consistent in its behaviour - it does not support wrong typed keys.

> In my case the kid is a number (1)

Fix that and you're good to go.

https://tools.ietf.org/html/rfc7517#section-4.5

> The "kid" value is a case-sensitive string.
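
An added example, not part of the thread and not code from openid-client or node-jose: a sketch of the strict `kid` lookup discussed above, with a check that flags JWKS entries whose `kid` is not a string as RFC 7517 section 4.5 requires. The function names and both key sets are constructed for illustration.

```javascript
// Added example, not openid-client or node-jose code; all names are hypothetical.

// Constructed JWKS: the first key has a numeric kid, as in the report above.
const reportedJwks = {
  keys: [
    { kty: 'RSA', kid: 1, use: 'sig', n: 'constructed-modulus', e: 'AQAB' },
    { kty: 'RSA', kid: '2', use: 'sig', n: 'constructed-modulus', e: 'AQAB' },
  ],
};

// The same set as the issuer should publish it: every kid is a JSON string.
const correctedJwks = {
  keys: reportedJwks.keys.map((key) => ({ ...key, kid: String(key.kid) })),
};

// List every key whose "kid" is present but not a string (RFC 7517 section 4.5).
function lintJwks(jwks) {
  if (!jwks || !Array.isArray(jwks.keys)) {
    return [{ index: -1, problem: 'JWKS has no "keys" array' }];
  }
  const problems = [];
  jwks.keys.forEach((key, index) => {
    if (key.kid !== undefined && typeof key.kid !== 'string') {
      problems.push({ index, problem: `kid is a ${typeof key.kid}, expected a string` });
    }
  });
  return problems;
}

// Strict lookup without type coercion: header kid "1" never matches key kid 1.
function selectKey(jwks, header) {
  if (typeof header.kid !== 'string') return undefined;
  return jwks.keys.find((key) => key.kid === header.kid);
}

// Read the protected header of a compact JWS so its kid type can be checked too.
// This only decodes; it verifies nothing.
function decodeHeader(jwt) {
  const [encodedHeader] = jwt.split('.');
  return JSON.parse(Buffer.from(encodedHeader, 'base64').toString('utf8'));
}
```

Running `lintJwks` against the issuer's published key set before deployment surfaces the mismatch at the source, where the thread says it should be fixed, instead of as a failed key lookup at token validation time.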