search

tsndr / cloudflare-worker-jwt

A lightweight JWT implementation with ZERO dependencies for Cloudflare Workers.
MIT License
680 stars 55 forks source link

HMAC "jwk" key import requires a JSON Web Key with Key Type parameter ("kty") equal to "oct" (encountered "RSA") #52

Closed martior closed 3 weeks ago

martior commented 11 months ago

I started getting these today. My tokens are from auth0, I checked that the token is ok on https://jwt.io/ and that it is verified there with the same key.

Stack trace from sentry:

DataError: HMAC "jwk" key import requires a JSON Web Key with Key Type parameter ("kty") equal to "oct" (encountered "RSA").
  at importJwk(index.js:15470:30)
  at importKey(index.js:15480:12)
  at Object.verify(index.js:15540:23)

Looks like this is a cloudflare problem and the error is returned from crypto.subtle.importKey("jwk"

tsndr commented 10 months ago

How can I reproduce this issue?

martior commented 10 months ago

@tsndr I use auth0 and their react package, the jwk is from there. If you I can give you a key from my test account if you send me an email (email in bio).

tsndr commented 8 months ago

Maybe we should develop a test case for that.