For example, when using RS256, key generation works just fine, however, on validation:
openssl_verify(): supplied key param cannot be coerced into a public key in .../wp-content/plugins/jwt-auth/vendor/firebase/php-jwt/src/JWT.php on line 293
{"success":false,"statusCode":401,"code":"jwt_auth_invalid_token","message":"OpenSSL error: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length","data":[]}
JWT::decode() expects a public key for asymmetric algorithms.
Setting another constant like JWT_AUTH_PUBLIC_KEY when using RS256 and using that at this line instead of JWT_AUTH_SECRET_KEY seems to fix the issue.
For example, when using RS256, key generation works just fine, however, on validation:
JWT::decode()
expects a public key for asymmetric algorithms.Setting another constant like
JWT_AUTH_PUBLIC_KEY
when using RS256 and using that at this line instead ofJWT_AUTH_SECRET_KEY
seems to fix the issue.https://github.com/usefulteam/jwt-auth/blob/0aeaa8f8f868606595c09826caa49dd3d86c8650/class-auth.php#L411