This topic has 3 replies, 2 voices, and was last updated 2 years, 9 months ago by 
.
-
Posts
-
I was testing the JWT bearer client openam examples for 6.5.2. Configured OAuth2.0 client for and included the public cert. I was getting an error message (Response code: 400 {“error_description”:”Unknown JWT issuer”,”error”:”invalid_grant”}. Since 6.5.2 has new agent for ‘Trusted JWT Issuer Agents’, I configured the trusted issuer. One of the requirement for this configuration is to include the JWK set for the JWT agent. I extracted the public key from the very and converted to JWK and updated the JWK set config. System didn’t like this key and I am getting “Response code: 400 {“error_description”:”JWT signature is invalid”,”error”:”invalid_grant”}.
Any ideas how to get a proper JWK for the JWT bearer client from the open-am examples?
Thanks,
-MaliHere’s the JWK key extracted from the public cert from the JWT bearer cleient.
{“kty”:”RSA”,”e”:”AQAB”,”kid”:”00c72668-7bcf-4404-808e-0f623e4ce686″,”n”:”gPhln8MgYQGvhALa7PQZgU4JSUA9qfFfbVpgdK8QuxbIxrsMmUP6aeNoXxw9FEySFhkVcMmj8BVyPJuXJPee2ov7YmzcPtOZLoFKOTFlawkfKEkhgShTDCWhzSSLOBKbXkzAExxueSxBU3lVaI57jLgkxuLfS3qTfyUzrYoq1pI8_qO-dbUtOYv26KotbPngAzqFTc2UIjcnpF-HzBoEg8ASOYdk2q46Xa4aBa6bO5tgMUluiYtJCo7nxG4pVpJUzANuYQ20xhZcgpAvbFO3lcBvARASAn_OyTCkDZpC3UcTp17dTKY6E42FGK7iuTcAgScRVvGu_LgiT7BeDstlWw”}
Here’s the JWK key extracted from the public cert from the JWT bearer cleient.
{“kty”:”RSA”,”e”:”AQAB”,”kid”:”00c72668-7bcf-4404-808e-0f623e4ce686″,”n”:”gPhln8MgYQGvhALa7PQZgU4JSUA9qfFfbVpgdK8QuxbIxrsMmUP6aeNoXxw9FEySFhkVcMmj8BVyPJuXJPee2ov7YmzcPtOZLoFKOTFlawkfKEkhgShTDCWhzSSLOBKbXkzAExxueSxBU3lVaI57jLgkxuLfS3qTfyUzrYoq1pI8_qO-dbUtOYv26KotbPngAzqFTc2UIjcnpF-HzBoEg8ASOYdk2q46Xa4aBa6bO5tgMUluiYtJCo7nxG4pVpJUzANuYQ20xhZcgpAvbFO3lcBvARASAn_OyTCkDZpC3UcTp17dTKY6E42FGK7iuTcAgScRVvGu_LgiT7BeDstlWw”}
Construct you JWK set using https://8gwifi.org/jwkconvertfunctions.jsp
I was able to test this feature successfully.
You must be logged in to reply to this topic.
