JWT validation error

1

Hello all,

I’m trying to implement a jwt token to my app. I’m using the tutorial of @odan.

The creation and retrieval of the token works absolutely fine.
I’ve protected a route to check the validation.

The header looks like this:

image
image1325×398 22.7 KB

It is the exact token, I’m getting from the app but as a result I get the unauthorized state.

While debugging I found out, that it has to do with this line of code:

if (!$this->configuration->validator()->validate($token, ...$constraints)) {
    return null;
}

This validate function is returning false but I can’t evaluate why.

The type of the $token is just Token instead of UnencryptedToken type.
This might break the code later on this line:

$userId = $token->claims()->get('uid');

I’m very gateful to recieve help

Greets

Jevy

2

Hi @Jevy

I just tried this setup according to the instructions with the latest version and the Token validation works perfect. So it should be something with the header or so.

The screenshot was not complete.
Make sure the client sends the token within the Authorization request header:

Example:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciO...

Otherwise the token validation will fail.

This is correct, because UnencryptedToken is just an interface an Token implements this interface.

3

Hi @odan,

I’ve checked everything in my code and compared it with every single line in the tutorial.

This is the complete repository I’m working in:
My Repository


And here is a complete screenshot of my request:

image
image1278×717 43.5 KB


I still can’t figure it out, where the error is.

4

Maybe the JWT is expired?

5

I var_dumped the decoded token and found the reason why it wasn’t working. :see_no_evil:

I’ve used issuedBy twice. There was no issuedAt.
After changing that line to the right thing, everything worked fine.

$builder = $this->configuration->builder()
            ->issuedBy($this->issuer)
            ->identifiedBy(Uuid::v4()->toRfc4122())
            **->issuedAt($now)** // <- here was the problem
            ->canOnlyBeUsedAfter($now)
            ->expiresAt($now->addSeconds($this->lifetime));

Nevertheless, thank you very much for your help

1 Like