You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/06/09 21:34:00 UTC
[jira] [Work logged] (KNOX-2620) Signature algorithm mismatch in
JWKS resource
[ https://issues.apache.org/jira/browse/KNOX-2620?focusedWorklogId=609403&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-609403 ]
ASF GitHub Bot logged work on KNOX-2620:
----------------------------------------
Author: ASF GitHub Bot
Created on: 09/Jun/21 21:33
Start Date: 09/Jun/21 21:33
Worklog Time Spent: 10m
Work Description: smolnar82 opened a new pull request #457:
URL: https://github.com/apache/knox/pull/457
## What changes were proposed in this pull request?
Populating and returning the appropriate signature algorithm in the response of Knox's JWKS endpoint.
## How was this patch tested?
Updated and ran `org.apache.knox.gateway.service.knoxtoken.JWKSResourceTest` successfully.
In addition to uni testing I re-deployed Knox locally and invoked the updated JWKS endpoint:
```
curl -iku admin:admin-password https://localhost:8443/gateway/homepage/knoxtoken/api/v1/jwks.json
HTTP/1.1 200 OK
Date: Wed, 09 Jun 2021 21:29:26 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
Content-Type: application/json
Content-Length: 462
{
"keys": [{
"kty": "RSA",
"e": "AQAB",
"use": "sig",
"kid": "1jmRkVmXLeT-XYd5D8SVccjvNRaqiHypUhZCsIgOoSU",
"alg": "RS256",
"n": "mQ57g6fP3KeCAnGR9CuWzh4qBbNQZeCPU6mb47mxu3SF-KPuHSwvJwhnxlBPpzIC-IbpZjg5EnOfXC9sEZMB2VxFeUAkHOqq8K0nMFDaTXLekaoCDAMYwQXhP3SlHiYcWm2B1JqfDgfG492UBONRZmeE-qOGycad0E8NhREfoMVJGWSpYP-kI9qPRs3fNw3UpVpc69AGU9KuAu5VnmuV6wsik_ZkC3EjAS6UrUbfDF2gDczWTyBHlw-JcjKrWahCdBf0XoKSE1tqF7gvdrvASVdtjfiT8aUjFaYj7NfvJHPgc1tdshzEy814dH6myJ-YssjRLuBmSkn17AbAB5BM5w"
}]
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 609403)
Remaining Estimate: 0h
Time Spent: 10m
> Signature algorithm mismatch in JWKS resource
> ---------------------------------------------
>
> Key: KNOX-2620
> URL: https://issues.apache.org/jira/browse/KNOX-2620
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.6.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> With KNOX-2570, a new public API endpoint got introduced which returns a JSON that helps to verify the generated tokens. One of the JSON elements in the response indicates the signature algorithm. This {{alg}} property is set to {{RSA}} instead of the configured/default signature algorithm (this is {{RS256}} if it's not overridden in the topology).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)