- edited description
Key Verification failure with Graal VM
Issue #163
resolved
The same code works with regular JDK 11, but fails with GraalVM Version 19.3.1-java11 CE, i am using jose4j 0.7.0
Create JWT Consumer
@Singleton
@Produces
public JwtConsumer jwtConsumer() {
final HttpsJwks httpsJkws = new HttpsJwks(jwksUrl);
httpsJkws.setDefaultCacheDuration(3600 * 24);
httpsJkws.setRetainCacheOnErrorDuration(3600);
final HttpsJwksVerificationKeyResolver httpsJwksKeyResolver = new HttpsJwksVerificationKeyResolver(httpsJkws);
httpsJwksKeyResolver.setDisambiguateWithVerifySignature(true);
return new JwtConsumerBuilder()
.setRequireJwtId()
.setExpectedAudience(false, "account")
.setVerificationKeyResolver(httpsJwksKeyResolver)
.build();
}
Process Claims
jwtConsumer.processToClaims(accessToken.toString());
Error (Test endpoint is plain HTTP)
"exceptionType": "org.jose4j.lang.UnresolvableKeyException",
"message": "Unable to find a suitable verification key for JWS w/ header {\"alg\":\"RS256\",\"typ\" : \"JWT\",\"kid\" : \"Go5Ofuy4MH9qokeSyqJiukSO9H5EajLPVyf-e8X444c\"} from JWKs [] obtained from http://a*redacted*bb.elb.uredacted/protocol/openid-connect/certs",
"frames": [
{
"class": "org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver",
"method": "resolveKey",
"line": 83
},
{
"class": "org.jose4j.jwt.consumer.JwtConsumer",
"method": "processContext",
"line": 213
},
JWKS Endpoint
{
"keys": [
{
"kid": "Go5Ofuy4MH9qokeSyqJiukSO9H5EajLPVyf-e8X444c",
"kty": "RSA",
"alg": "RS256",
"use": "sig",
"n": "nytC-X0lQVLBLJOZ1IpsvzwmyT6u-B3y5p0UWw7mGjbUA1Veqib0AxNtXSGSVAKeZ11hKI_t8RYHuI59ytvwZgFH7EqHBi129s4aOP6IG86dQnzuXM27BhtlozJjP_5hwMrmS8kqdMsDlaBFqSWATGN44AgDBgbU5XK4ActydocK_1bHK0WgY5cAnFUmq7g-E8J07ErBvBo99WhZ1EFpFtiQlEM_AG6nBWQbiuReJrewYurFUFOIpQqD5QBr_sZVURYE5VjrWf5tpk9cuieTbJf_TXWqiOEdpYL2z_vHeDzQEHLSUMp1iSa3Skl3ErktkD7WSovEWdjIB-KutRwMZw",
"e": "AQAB",
"x5c": [
"MIICoTCCAYkCBgFxzGZZMjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAljb21tb2RpdHkwHhcNMjAwNDMwMTg0MTMxWhcNMzAwNDMwMTg0MzExWjAUMRIwEAYDVQQDDAljb21tb2RpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfK0L5fSVBUsEsk5nUimy/PCbJPq74HfLmnRRbDuYaNtQDVV6qJvQDE21dIZJUAp5nXWEoj+3xFge4jn3K2/BmAUfsSocGLXb2zho4/ogbzp1CfO5czbsGG2WjMmM//mHAyuZLySp0ywOVoEWpJYBMY3jgCAMGBtTlcrgBy3J2hwr/VscrRaBjlwCcVSaruD4TwnTsSsG8Gj31aFnUQWkW2JCUQz8AbqcFZBuK5F4mt7Bi6sVQU4ilCoPlAGv+xlVRFgTlWOtZ/m2mT1y6J5Nsl/9NdaqI4R2lgvbP+8d4PNAQctJQynWJJrdKSXcSuS2QPtZKi8RZ2MgH4q61HAxnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAEBtgA2IKYb0WHV0cHOkG4z1vrmKc13EUdJqQ4dn7aa8uvutIdDWV7viwtzdz9UftY2Qd13oTqh+4ER+g7ozAS+Zbzcrz+IGM+qhOBxpCJnkt+RxfvqHBGTkLR49r+cJb9WQpiuG3O6qwyb55hnzozKOLnz5WAtF33zA6FYFKeWxSQqTaxDRALvbasC7kOGdFicwBEJ28V4/K8Y2x43ldEK4LezJsdnlZ+/xRaW99jO2L8WgPePTtBKVntQINFlnOE25QUZyzh20K0+czHYt9voQZHKA/gYWy12AgLrIvunFzSzRozSs9iXDJHAO7ivSxTt1qjlS0eJFyjbrDKgBbL0="
],
"x5t": "49It3LswOcSUUEIaBwOx162Cmqg",
"x5t#S256": "Bx45hcrwoWrQF-39Cl1wAY4BNtWL8HsU-HIZk_0MeTk"
}
]
}
Comments (4)
-
reporter -
reporter - edited description
-
reporter - changed status to resolved
My Bad, I forgot to remove the nimbusds library from classpath causing some conflicts. So far jose4j rocks with graal VM with no issues
-
repo owner Glad I could help
- Log in to comment