Invalid JWK at position 0: Unexpected type of JSON object member with key exp

Created on 26 November 2024, 5 months ago

Problem/Motivation

Unable to use oauth2_server to login to ELK stack 8.16.1.

Steps to reproduce

Setup ELK 8.16.1 (sorry :-) and configure an xpack oidc auth realm.

Try to login to ELK and get:

"Authentication to realm oidc1 failed - Failed to authenticate user with OpenID Connect (Caused by org.elasticsearch.ElasticsearchSecurityException: Failed to retrieve remote JWK set.; Caused by java.text.ParseException: Invalid JWK at position 0: Unexpected type of JSON object member with key exp)"

Proposed resolution

Drop the "exp" field from the key in the jwk JSON blob.

Remaining tasks

Do the thing.

User interface changes

No.

🐛 Bug report

Status

Active

Version

2.0

Component

Code

Created by

🇦🇺Australia cafuego

Live updates comments and jobs are added and updated live.

Merge Requests

!38Invalid JWK at position 0: Unexpected type of JSON object member with key exp
Merged
🇦🇺Australia cafuego
updated 4 months ago

Comments & Activities

Issue created by @cafuego
Comment 5 months ago →
🇦🇺Australia cafuego
I guess the question then becomes "will anything break when the exp field goes missing?"
Comment 5 months ago →
🇦🇺Australia cafuego
Merge request !38[#3489790] Drop the `exp` field from the JWK, as the exponent is `e`. → (Merged) created by cafuego

Comment 4 months ago →

System Message

cafuego → committed 00d0e992 on 2.0.x

[#3489790] Drop the `exp` field from the JWK, as the exponent is `e`.

Comment 4 months ago →
🇦🇺Australia cafuego
Comment 4 months ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024