sonikro / flutter-okta-sdk

Okta's SDK Implementation for Flutter
BSD 3-Clause "New" or "Revised" License

Getting different JWT token for Android and iOS from Okta OIDC PKCE #35

Open jtripade opened 2 years ago

jtripade commented 2 years ago

Using this library for Android and iOS, but getting different types of JWT token. When decoded, we found the following difference. Because of this difference, the token generated by the iOS app is authenticated by the backend server, but the token generated by the Android app is rejected as an invalid token.

The token generated by iOS looks like the one below. It contains an "iss" ending with oauth2/default and an aud of api://default.

{
  "ver": 1,
  "jti": "AT.Mbk7V5Sp1hNRzpHA4JKBoF9dniS4AO_WBPSUgNqJ4Pk",
  "iss": "https://org-dev.oktapreview.com/oauth2/default",
  "aud": "api://default",
  "iat": 1650342083,
  "exp": 1650345683,
  "cid": "0oa2gwdzyqm1DJAE41d7",
  "uid": "00u2icm9xhoYA6wVx1d7",
  "scp": [
    "email",
    "openid",
    "profile"
  ],
  "auth_time": 1650342081,
  "sub": "abhishek.lastname@org.com"
}

But in the case of Android, "iss" is just "https://org-dev.oktapreview.com" and aud is also "https://org-dev.oktapreview.com".

{
  "ver": 1,
  "jti": "AT.VMgUDc-wJnEXTx4n5I-QyKTI0yMGTqBWw8HA9FE6EPY",
  "iss": "https://org-dev.oktapreview.com",
  "aud": "https://org-dev.oktapreview.com",
  "sub": "abhishek.lastname@org.com",
  "iat": 1649419357,
  "exp": 1649422957,
  "cid": "0oa2gwdzyqm1DJAE41d7",
  "uid": "00u2jz1wtzyVc1b0c1d7",
  "scp": [
    "openid",
    "profile",
    "email"
  ],
  "auth_time": 1649419354
}
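
As an added illustration that is not part of this issue or of the SDK: a resource-server claim check in plain Python, run over the two decoded payloads quoted above, showing why a backend configured to trust the `/oauth2/default` authorization server issuer and the `api://default` audience accepts the iOS token and rejects the Android one. The expected values are taken from the iOS token, and signature verification against the issuer's JWKS is assumed to have happened before this step.

```python
# Resource-server claim validation (added example, not SDK code).
# Expected values come from the iOS token in the issue: the backend trusts the
# "default" custom authorization server and the api://default audience.
EXPECTED_ISSUER = "https://org-dev.oktapreview.com/oauth2/default"
EXPECTED_AUDIENCE = "api://default"

# Decoded payloads copied from the issue (jti, uid and auth_time omitted).
IOS_CLAIMS = {
    "ver": 1, "iss": "https://org-dev.oktapreview.com/oauth2/default",
    "aud": "api://default", "iat": 1650342083, "exp": 1650345683,
    "cid": "0oa2gwdzyqm1DJAE41d7", "scp": ["email", "openid", "profile"],
    "sub": "abhishek.lastname@org.com",
}
ANDROID_CLAIMS = {
    "ver": 1, "iss": "https://org-dev.oktapreview.com",
    "aud": "https://org-dev.oktapreview.com", "iat": 1649419357,
    "exp": 1649422957, "cid": "0oa2gwdzyqm1DJAE41d7",
    "scp": ["openid", "profile", "email"], "sub": "abhishek.lastname@org.com",
}


def check_claims(claims, now, required_scopes=("openid",)):
    """Return the reasons a token must be rejected; an empty list means accept.

    Assumes the JWT signature was already verified against the issuer's JWKS;
    only the payload is validated here. `now` is a Unix timestamp.
    """
    problems = []
    if claims.get("iss") != EXPECTED_ISSUER:
        # An iss without /oauth2/default points at Okta's org authorization
        # server rather than the custom one this API is configured to trust.
        problems.append(f"issuer mismatch: {claims.get('iss')!r}")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]  # aud may be a list
    if EXPECTED_AUDIENCE not in audiences:
        problems.append(f"audience mismatch: {aud!r}")
    if now >= claims.get("exp", 0):
        problems.append("token expired")
    if now < claims.get("iat", 0):
        problems.append("issued in the future")
    missing = set(required_scopes) - set(claims.get("scp", []))
    if missing:
        problems.append(f"missing scopes: {sorted(missing)}")
    return problems


if __name__ == "__main__":
    # Evaluate each token one minute after it was issued, as the backend did.
    for name, claims in (("iOS", IOS_CLAIMS), ("Android", ANDROID_CLAIMS)):
        problems = check_claims(claims, now=claims["iat"] + 60)
        print(name, "accepted" if not problems else "rejected: " + "; ".join(problems))
```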

erickgon92 commented 2 years ago

Hi, did you manage to solve this issue or any advance on it?

Thank you!