Re: JWT token authentication error

Thanks Ayan, I'll handle it. Jacques Le 14/12/2022 à 13:46, Ayan Farooqui a écrit : Hello Jacques, I have created a JIRA issue for the same https://issues.apache.org/jira/browse/OFBIZ-12724 Please let me know if I need to make any changes Thanks Ayan On Tue, Dec 13, 2022 at 6:21 PM

Re: JWT token authentication error

Hello Jacques, I have created a JIRA issue for the same https://issues.apache.org/jira/browse/OFBIZ-12724 Please let me know if I need to make any changes Thanks Ayan On Tue, Dec 13, 2022 at 6:21 PM Jacques Le Roux < jacques.le.r...@les7arts.com> wrote: > Hi Ayan, > > I totally agree about

Re: JWT token authentication error

Hi Ayan, I totally agree about your conclusion. We can go as we agreed and I can do that. Would you take care of creating a Jira? Else I can do it for you. Thanks Jacques Le 13/12/2022 à 08:14, Ayan Farooqui a écrit : Hello Jacques, I have used an online tool (https://mkjwk.org/) to

Re: JWT token authentication error

Hello Jacques, I have used an online tool (https://mkjwk.org/) to generate this specific secret key where I specified the size, algorithm and type. Thank you for providing me with a solution but my specific problem and use case was solved already, I'm using the key of recommended size. It may

Re: JWT token authentication error

Hi Ayan, Few other questions: Are you using a salt when generating the key? Then when and how do you measure the KeS5mHZGWAD6-5V9qwCE to say it's a 120 bit key? Without a salt it seems to be a 160 bit key to me, do I miss something? To answer you question, I guess we did not care about that by

Re: JWT token authentication error

Hello Jacques, This is a randomly generated key (KeS5mHZGWAD6-5V9qwCE) Yes the method I'm using internally calls the method you mentioned public static String createJwt(Delegator delegator, Map claims, String keySalt, int expireTime) and yes I am getting the key from properties file

Re: JWT token authentication error

I had a quick look. Before you create a Jira issue, here are some questions: First, why did you pick the 120 bit secret key KeS5mHZGWAD6-5V9qwCE ? Then, as I did no find any "Date expiresAt)" in any code ever in OFBiz: https://ofbiz.markmail.org/search/?q=Date+expiresAt%29 my question is do

Re: JWT token authentication error

Hi Ayan, Thanks for your detailed answer, I now understand the issue and will have a 1st look at it. I have created a Jira account for you (ayanfarooqui). Could you please create a Jira bug issue, you may follow

Re: JWT token authentication error

Hello Jacques, Thank You for moderating the message. I have secured my Solr setup using solr.JWTAuthPlugin . I need to provide the algorithm name (HS512) and the secret key to verify the payload in solr. The rest api for my Solr

Re: JWT token authentication error

Hi Ayan, Your message has been (somehow) moderated, else it would not have reached this Mailing List. Please subscribe to the user ML for such questions and then use your email client. See why here http://ofbiz.apache.org/mailing-lists.html. You will get a better support, people can answer you