-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error: Could not verify JWT: JWSError JWSInvalidSignature Hasura, Docker and Cognito #3919
Comments
@lucasmachadorj Can you check what |
Aren't Cognito JWTs always RS-256?
|
Also, you do not need |
I am getting same error with firebase auth. After following this https://hasura.io/blog/authentication-and-authorization-using-hasura-and-firebase Use case that is failing for me is following: I have hasura action that triggers firebase cloud function, within that unction I use firebases admin sdk to create new token https://firebase.google.com/docs/auth/admin/create-custom-tokens I then try to make call to hasura and get same error const data = await fetch("https://api.dev/v1/graphql", {
method: "POST",
body: JSON.stringify({ query }),
headers: {
Authorization: `Bearer ${token}`,
},
}); Admin is configured for same project as project id set in hasura |
I'm having the same issue with Cognito + Hasura as OP after following the same tutorial directions. I've verified that my token is valid using jwt.io, is Any additional debugging suggestions would be greatly appreciated. |
I was able to resolve my issues by a combination of pressing all the Heroku buttons and regenerating the access token. My guess is that regenerating the access token was what actually fixed my issues. We also upgraded to Hasura 1.3 and removed new line characters from the |
I'm facing the same issue now. If i use cognito for javascript (web app), hasura could verify my JWT, but if i use cognito for mobile app, hasura could not verify the JWT. Could someone help me please? Is there any different between setting up web app and mobile app? |
@jherjati Is it that it's not being served via a real secure socket layer? I'm interested to see the outcome here |
I'm facing the same issue on Hasura 2.4.0;
but the generated jwt cuases an error GraphQLError(message: Could not verify JWT: JWSError JWSInvalidSignature |
I had the same issue as the OP. But after upgrading to Hasura server version 2.7.0 it works. |
Any solution found? |
Any update on this? Still have the issue with Firebase Auth and Hasura v2.21.0. |
I encountered it when I set the sub field of the JWT token as a Number instead of a String. |
I am facing the same issue on Hasura v2.0.9. It happens at every server restart and it solves automatically after some time. It seems that it is happening due to hasura not having the right JWK keys at the time of verifying the first incoming JWTs. Thus, when Hasura fetches the JWK keys again from our backend server then it is able to verify JWTs correctly. |
Hey, I have cognito a user pool configured and a lambda function to intercept the request to add claims data. It looks like this:
I've used a task and updated the
But I receive the following error:
|
I'm developing an application in which I use AWS Cognito as authentication provider.
The Hasura Engine is configured in a docker-compose file and it runs in a AWS EC2 machine.
Following this tutorial https://hasura.io/blog/hasura-authentication-explained/#cognito I set HASURA_GRAPHQL_JWT_SECRET as shows below:
From the client, I get jwtToken from idToken and put it in authorization header:
Then follows the error:
I don't know if there is any error in my stringified jwks, is it the problem?
As told by @praveenweb in #3513 I was careful about putting HASURA_GRAPHQL_JWT_SECRET value in a single quote.
The text was updated successfully, but these errors were encountered: