Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[JWT Auth provider] PubSecKeyOptions creation fails when using JsonObject #596

Open
dprincethg opened this issue Oct 13, 2022 · 2 comments
Open

[JWT Auth provider] PubSecKeyOptions creation fails when using JsonObject #596

dprincethg opened this issue Oct 13, 2022 · 2 comments
Assignees
@pmlopes
Labels
bug

Comments

@dprincethg
Copy link

Version

vertx 4.3.4

Context

When I use the code from this Doc page/

JWTAuth jwtAuth = JWTAuth.create(vertx, new JWTAuthOptions() .addPubSecKey(new PubSecKeyOptions() .setAlgorithm("ES256") .setBuffer( "-----BEGIN PUBLIC KEY-----\n" + "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEraVJ8CpkrwTPRCPluUDdwC6b8+m4\n" + "dEjwl8s+Sn0GULko+H95fsTREQ1A2soCFHS4wV3/23Nebq9omY3KuK9DKw==\n" + "-----END PUBLIC KEY-----")));

The JWTAuth creation is OK.

However when I try to use a JsonObject to build PubSecKeyOptions, like this:

JWTAuth jwtAuth = JWTAuth.create(vertx, new JWTAuthOptions() .addPubSecKey(new PubSecKeyOptions(new JsonObject() .put("algorithm","ES256") .put("buffer", "-----BEGIN PUBLIC KEY-----\n" + "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEraVJ8CpkrwTPRCPluUDdwC6b8+m4\n" + "dEjwl8s+Sn0GULko+H95fsTREQ1A2soCFHS4wV3/23Nebq9omY3KuK9DKw==\n" + "-----END PUBLIC KEY-----"))));

This exception is raised

Caused by: java.lang.IllegalArgumentException: Illegal base64 character 2d
at java.util.Base64$Decoder.decode0(Base64.java:743) ~[?:?]
at java.util.Base64$Decoder.decode(Base64.java:535) ~[?:?]
at java.util.Base64$Decoder.decode(Base64.java:558) ~[?:?]
at io.vertx.ext.auth.PubSecKeyOptionsConverter.fromJson(PubSecKeyOptionsConverter.java:30) ~[vertx-auth-common-4.3.4.jar:4.3.4]
at io.vertx.ext.auth.PubSecKeyOptions.(PubSecKeyOptions.java:52) ~[vertx-auth-common-4.3.4.jar:4.3.4]

Extra

Root cause seems to be related to PubSecKeyOptionsConverter - line 30

obj.setBuffer(io.vertx.core.buffer.Buffer.buffer(BASE64_DECODER.decode((String)member.getValue())));

As a BASE64_DECODER is used to set the buffer when JsonObject is used,

But in PubSecKeyOptions buffer is set without Base64 decoding

this.buffer = Buffer.buffer(buffer, "UTF-8");
@dprincethg dprincethg added the bug label Oct 13, 2022
@pmlopes pmlopes self-assigned this Oct 13, 2022
@pmlopes
Copy link
Contributor

pmlopes commented Oct 13, 2022

This is a codegen issue, types are getting mixed as we have overload's for that field which was named buffer and also has a buffer input argument.

@dprincethg
Copy link
Author

dprincethg commented Oct 13, 2022
edited

I do not understand why the key format should be different in both cases, so why same value cannot be used :/
I guess the multiline format of the Key might not be adapted to Json...

Then, What is format of the pub key "buffer" to provide in JsonObject to make it works?

Edit:
I've called the PubSecKeyOptions.toJson() from instance created with POJO setters:

{
"algorithm" : "ES256",
"buffer" : "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFcmFWSjhDcGtyd1RQUkNQbHVVRGR3QzZiOCttNApkRWp3bDhzK1NuMEdVTGtvK0g5NWZzVFJFUTFBMnNvQ0ZIUzR3VjMvMjNOZWJxOW9tWTNLdUs5REt3PT0KLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0t",
"certificate" : false,
"symmetric" : false
}

The buffer format is in fact the Base64URL encoding of "buffer" provided using POJO method:

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEraVJ8CpkrwTPRCPluUDdwC6b8+m4
dEjwl8s+Sn0GULko+H95fsTREQ1A2soCFHS4wV3/23Nebq9omY3KuK9DKw==
-----END PUBLIC KEY-----

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pmlopes pmlopes

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pmlopes @dprincethg