IDTokenValidator.validate method throws SocketTimeoutException

Issue #175 resolved
Vinoj Mathew created an issue

Hi there,

I am trying to validate the token based on the JWK set URI. For some URLs it's throwing the following exception.

java.net.SocketTimeoutException: Read timed out

This error is coming in RemoteJWKSet at line no. 118, which captures the SocketTimeoutException and returns null, and it gives some other error like

com.nimbusds.jose.proc.BadJOSEException: Signed JWT rejected: No matching key(s) found .

I am seeing that the following attributes

DEFAULT_HTTP_CONNECT_TIMEOUT

DEFAULT_HTTP_READ_TIMEOUT

are set to 250,

which is causing the error. Following is the code snippet.

From DefaultResourceRetriever, this method is throwing the error: public Resource retrieveResource(final URL url)

URL jwkSetURL = new URL("https://www.discoverykeys.com/keys");

IDTokenValidator validator = new IDTokenValidator(iss, clientID, jwsAlg, jwkSetURL);
validator.validate(idToken, null);

Thanks, Vinoj

Comments (7)

  1. Connect2id OSS

    In order to tune the timeouts a new constructor will be required.

    Until then you can use the following constructor:

    public IDTokenValidator(final Issuer expectedIssuer,
                    final ClientID clientID,
                    final JWSKeySelector jwsKeySelector,
                    final JWEKeySelector jweKeySelector)
    

    And pass

    new JWSVerificationKeySelector(expectedIssuer, expectedJWSAlg, new RemoteJWKSet(expectedIssuer, jwkSetURI, new DefaultResourceRetriever()));
    
  2. Connect2id OSS

    new DefaultResourceRetriever() -> implies no timeout

    What kind of response times do you get though from this server?

  3. Connect2id OSS

    Added new IDTokenValidator constructor to permit setting of a specific resource retriever (HTTP client) for obtaining the OpenID Connect JWK set, see commit e3d6611.

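An added example, not part of the original thread or of the Connect2id code base: ID token validation through the resource-retriever constructor mentioned in comment 3, with bounded timeouts and a pre-flight fetch so that an unreachable JWK set endpoint is reported as a retrieval failure instead of surfacing as "No matching key(s) found". The class name, the timeout and size-limit values, the RS256 algorithm and the command-line arguments are assumptions.

```java
import java.io.IOException;
import java.net.URL;

import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.util.DefaultResourceRetriever;
import com.nimbusds.jose.util.Resource;
import com.nimbusds.jwt.JWTParser;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet;
import com.nimbusds.openid.connect.sdk.validators.IDTokenValidator;

public class TunedIDTokenValidation {

    // Assumed values: bounded, so a slow or hostile endpoint cannot hang the
    // caller (the no-arg retriever has no timeout) or stream an unbounded body.
    static final int CONNECT_TIMEOUT_MS = 2000;
    static final int READ_TIMEOUT_MS = 2000;
    static final int SIZE_LIMIT_BYTES = 50 * 1024;

    public static IDTokenClaimsSet validate(String idToken, Issuer iss, ClientID clientID,
                                            JWSAlgorithm jwsAlg, URL jwkSetURL) throws Exception {
        DefaultResourceRetriever retriever =
            new DefaultResourceRetriever(CONNECT_TIMEOUT_MS, READ_TIMEOUT_MS, SIZE_LIMIT_BYTES);

        // Pre-flight fetch: a timeout here is a network problem, not a key mismatch.
        Resource resource;
        try {
            resource = retriever.retrieveResource(jwkSetURL);
        } catch (IOException e) {
            throw new IOException("JWK set retrieval failed for " + jwkSetURL, e);
        }
        if (JWKSet.parse(resource.getContent()).getKeys().isEmpty()) {
            throw new IOException("JWK set at " + jwkSetURL + " contains no keys");
        }

        // Same retriever, so the validator fetches keys with the same limits.
        IDTokenValidator validator =
            new IDTokenValidator(iss, clientID, jwsAlg, jwkSetURL, retriever);
        return validator.validate(JWTParser.parse(idToken), null); // null: no nonce expected
    }

    // Usage: java TunedIDTokenValidation <issuer> <client-id> <jwk-set-url> <id-token>
    public static void main(String[] args) throws Exception {
        IDTokenClaimsSet claims = validate(args[3], new Issuer(args[0]), new ClientID(args[1]),
                                           JWSAlgorithm.RS256, new URL(args[2]));
        System.out.println("Validated ID token for subject " + claims.getSubject());
    }
}
```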