1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
So the problem was that I tried to set the kid in the "claims" of the JWT.
However it turned out that ,in order for AWS to distinguish that this JWT was signed with this key (from the jwks response), it checks in the headers of the JWT. If a kid is found in the header then it looks in the jwk response for the certificate with the corresponding kid.
So to solve the issue I just had to set the kid of in the "headers" of the JWT.
So if you are in java :
public String buildToken(Key key) {
Map<String, Object> claims = new HashMap();
Map<String, Object> headers = new HashMap();
claims.put(claimName, someClaim);
...
headers.put(KID, KID_OF_THIS_TOKENS_CERTIFICATE);
...
return Jwts.builder().setClaims(claims).setHeader(headers).signWith(SignatureAlgorithm.RS256, key).compact();
}
répondu il y a 5 ans
Contenus pertinents
- demandé il y a 2 ans
- Réponse acceptéedemandé il y a 2 ans
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 8 mois