panva / openid-client

OAuth 2 / OpenID Connect Client API for JavaScript Runtimes
MIT License

OPError: invalid_client (Invalid JWT token) #300

Closed NikhilDeshmukh045 closed 4 years ago

NikhilDeshmukh045 commented 4 years ago

I am getting the above error in the client.grant() function at https://github.com/panva/node-openid-client/tree/master/docs#clientgrantbody-extras, and it looks like the error is related to clientAssertionPayload.

NikhilDeshmukh045 commented 4 years ago

Below is the code snippet which I am using currently.

```js
const payload = {
  iss: clientId,
  sub: clientId,
  iat: issuedAtTimeSeconds,
  exp: expirationTimeSeconds,
  aud: url,
  jti: Math.random().toString(36).replace(/[^a-z]+/g, '').substr(0, 12)
};
const clientAssertion = await client.requestObject(payload);
```

panva commented 4 years ago

Request Object and Client Assertion are not the same. Your IdP rightfully rejects your token call.

NikhilDeshmukh045 commented 4 years ago

@panva I also got the same error when creating the client assertion using a custom function (not using requestObject). I am passing the client assertion created by the custom function in the clientAssertionPayload field of the Client's grant function, and I still get the same error. I want to ask whether I am following the correct approach or not.

panva commented 4 years ago

Consult your IdP. As is, I cannot help due to lack of details about what you're trying to do.
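For readers debugging a similar `invalid_client` response, the following added example (not code from this thread or from openid-client) sketches the checks RFC 7523 describes for a `private_key_jwt` client assertion at the token endpoint, using only Node's built-in crypto. The client id, endpoint URL, ES256 key and the strict audience policy are assumptions made for the illustration; the thread does not say which check this IdP failed.

```javascript
const nodeCrypto = require('crypto');

const b64u = (v) => Buffer.from(v).toString('base64url');
const parse = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));

// Client side: sign the assertion claims with the client's private key (ES256).
function signAssertion(claims, privateKey) {
  const input = `${b64u(JSON.stringify({ alg: 'ES256', typ: 'JWT' }))}.${b64u(JSON.stringify(claims))}`;
  const sig = nodeCrypto.sign('sha256', Buffer.from(input), { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${input}.${sig.toString('base64url')}`;
}

// Server side: returns null when acceptable, otherwise the reason for invalid_client.
function checkAssertion(jwt, { clientId, tokenEndpoint, publicKey, seenJti, now }) {
  const parts = jwt.split('.');
  if (parts.length !== 3) return 'not a compact JWS';
  let header, claims;
  try { header = parse(parts[0]); claims = parse(parts[1]); } catch { return 'malformed JSON'; }
  if (header.alg !== 'ES256') return `unexpected alg ${header.alg}`; // pinned alg, so "none" fails
  const ok = nodeCrypto.verify('sha256', Buffer.from(`${parts[0]}.${parts[1]}`),
    { key: publicKey, dsaEncoding: 'ieee-p1363' }, Buffer.from(parts[2], 'base64url'));
  if (!ok) return 'bad signature';
  if (claims.iss !== clientId || claims.sub !== clientId) return 'iss/sub must equal client_id';
  // This example's policy (assumption): aud must contain the token endpoint URL.
  if (![].concat(claims.aud).includes(tokenEndpoint)) return 'aud does not name this server';
  if (typeof claims.exp !== 'number' || claims.exp <= now) return 'expired or missing exp';
  if (typeof claims.jti !== 'string' || seenJti.has(claims.jti)) return 'missing or replayed jti';
  seenJti.add(claims.jti);
  return null;
}

// Constructed sample data: hypothetical client, endpoint and a freshly generated key pair.
function demo() {
  const { privateKey, publicKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const now = Math.floor(Date.now() / 1000);
  const ctx = { clientId: 'example-client', tokenEndpoint: 'https://idp.example/token',
    publicKey, seenJti: new Set(), now };
  const claims = { iss: ctx.clientId, sub: ctx.clientId, aud: ctx.tokenEndpoint,
    iat: now, exp: now + 60, jti: nodeCrypto.randomBytes(16).toString('hex') };
  const good = signAssertion(claims, privateKey);
  const unsigned = `${b64u(JSON.stringify({ alg: 'none' }))}.${b64u(JSON.stringify(claims))}.`;
  const wrongAud = signAssertion({ ...claims, jti: 'other', aud: 'https://idp.example' }, privateKey);
  return { first: checkAssertion(good, ctx), replay: checkAssertion(good, ctx),
    unsigned: checkAssertion(unsigned, ctx), wrongAud: checkAssertion(wrongAud, ctx) };
}
```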