I have a problem about sending any request to a defined service through api gateway with the usage of bearer token coming from login. After login, I tried to send a request to a defined service but I got this issue in JWTAuthenticationFilter of api gateway shown below. The exact location is in JWTUtils class …
Tag: jwt
Custom Exceptions for JWT authentication don’t work JAVa
I implemented in my API Rest JWT authentication, but the exceptions that I created don’t work. This is what I expect: This is what I get: This is my CustomException Class This is what I have in my globalExceptionHandler And finally this is what I have in the method validateToken in JwtTokenProvider: pub…
Why do I get a “io.jsonwebtoken.ExpiredJwtException”?
I have a problem with my Spring Security JWT Application. I am getting an error because my JWT is expired, but I can’t find, where it gets the 2022-04-12 as an expiration date. I can’t find a single piece of code, which says that the expiration date is the 2022-04-12. After my understanding, it is…
int io.jsonwebtoken.SignatureAlgorithm.getMinKeyLength()’ no such method error while generating a token key for authentication
Hello all I am trying to use JJWT to generate a security token for authenticating users. But getting this error. Here is my pom.xml file: Here is my method to generate a token if needed How to solve this problem? I tryed before to changed version of jjwt to 0.11.2 but got a build eror it couldn’t find a…
Why this API is forbidden for an user having a JWT token containing the “correct” authority?
I am not so into Spring Security and JWT token and I have the following doubt on a project which I am working on. Basically I have this SecurityConfiguration class containing my Spring Security configuration, as you can see it is intended to handle JWT token: As you can see in the previous code I have the fol…
In nimbus-jose-jwt, what is difference between lifespan and refreshTime?
The class DefaultJWKSetCache of nimbus-jose-jwt has two fields, lifespan and refreshTime. From Java docs – lifespan – The lifespan of the cached JWK set before it expires, negative means no expiration. refreshTime – The time after which the cached JWK set is marked for refresh, negative if n…
Extend Micronaut CustomJWTClaimsSetGenerator to provide all attributes
I have the following two classes which provide the JWT authentication mechanisem. CustomDelegatingAuthenticationProvider CustomJWTClaimsSetGenerator The default response to the client looks like this: My question. How can I extend the class to return all user attributes? Besides username I want to have the us…
quarkus and jwt token, application.properties var don’t work
I have a quarkus project I try to secure some of my endpoints with a Jwt token. So far, it don’t work. everything is still accessible. my application.properties: it worth notting that the lines are in gray in my IDE ( Intellij), and my IDE say they are not used nor by my project nor it’s dependenc…
antMatchers() is not working , and gives forbidden error
I have an end-point called authenticate , this endpoint is given to antMatchers(“/authenticate”) to skip authorization for this end-point, but it still checks for the authentication. code: Answer I have an update regarding the issue. In my case, I had a problem with a function singWith() that was …
Quarkus JWT Returning Unauthorized on deployment
I have a Quarkus project that expose some REST Endpoints. When working on dev mode or running from the local build docker container all work fine, those endpoints annotated with @RolesAllowed and @PermitAll work as supposed to be. But when I deploy to a AWS service with the following steps: Commit to Gitlab R…