TTC
Theo's Typesafe Cult3y ago
Mugetsu

NextAuth - OneLogin flow mocking

Im trying to mock OneLogin login flow using WireMock server. I can easily get the flow working until I submit credentials on the mocked OneLogin page and after it redirects I get this error and can't get pass it the whole day ;/ 
[next-auth][error][OAUTH_CALLBACK_ERROR] 
https://next-auth.js.org/errors#oauth_callback_error failed to validate JWT signature {
  error: RPError: failed to validate JWT signature
      at Client.validateJWT (/.../node_modules/openid-client/lib/client.js:1055:11)
      at async Client.validateIdToken (/.../node_modules/openid-client/lib/client.js:743:49)
      at async Client.callback (/.../node_modules/openid-client/lib/client.js:486:7)
      at async oAuthCallback (/.../node_modules/next-auth/core/lib/oauth/callback.js:127:16)
      at async Object.callback (/.../node_modules/next-auth/core/routes/callback.js:52:11)
      at async NextAuthHandler (/.../node_modules/next-auth/core/index.js:201:28)
      at async NextAuthNextHandler (/.../node_modules/next-auth/next/index.js:23:19)
      at async /.../node_modules/next-auth/next/index.js:59:32
      at async Object.apiResolver (/.../node_modules/next/dist/server/api-utils/node.js:366:9)
      at async DevServer.runApi (/.../node_modules/next/dist/server/next-server.js:481:9) {
    name: 'OAuthCallbackError',
    code: undefined
  },
  providerId: 'onelogin',
  message: 'failed to validate JWT signature'
}
[next-auth][error][OAUTH_CALLBACK_ERROR] 
https://next-auth.js.org/errors#oauth_callback_error failed to validate JWT signature {
  error: RPError: failed to validate JWT signature
      at Client.validateJWT (/.../node_modules/openid-client/lib/client.js:1055:11)
      at async Client.validateIdToken (/.../node_modules/openid-client/lib/client.js:743:49)
      at async Client.callback (/.../node_modules/openid-client/lib/client.js:486:7)
      at async oAuthCallback (/.../node_modules/next-auth/core/lib/oauth/callback.js:127:16)
      at async Object.callback (/.../node_modules/next-auth/core/routes/callback.js:52:11)
      at async NextAuthHandler (/.../node_modules/next-auth/core/index.js:201:28)
      at async NextAuthNextHandler (/.../node_modules/next-auth/next/index.js:23:19)
      at async /.../node_modules/next-auth/next/index.js:59:32
      at async Object.apiResolver (/.../node_modules/next/dist/server/api-utils/node.js:366:9)
      at async DevServer.runApi (/.../node_modules/next/dist/server/next-server.js:481:9) {
    name: 'OAuthCallbackError',
    code: undefined
  },
  providerId: 'onelogin',
  message: 'failed to validate JWT signature'
}
1 Reply
Mugetsu
Mugetsu3y ago
WireMock at /oidc/2/token according to the onelogin specifications https://developers.onelogin.com/openid-connect/api/authorization-code-grant#response-elements returns 
{
      "access_token": "...",
      "expires_in": 3600,
      "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTY2NjAwMDgwMCwiZXhwIjoxNjY4Njc5MjAwLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjI3NDQyL29pZGMvMiIsImF1ZCI6InNvbWUtY2xpZW50LWlkIn0.QLqLlhoZi7JnqTAYibPkIFPvmC88t4Z7AbUspSX8ENbEnK0NXV_hTxAXLA3-V7TjuIWlrJOvOT7BrHP3N39XV0Vb5pw_X4OY48ce9JQR46x5v3YeU4wgm48sWCIkwRVNDGV0_oF1Pr2Qa4egAVDzLDxtoqrgV4W_wjOI-jxv2r0NWeNvgsSH68PC0qTcgfuLG_k1Sf61CBS-_DKHGznD9gdHc3xJM2Rh3FLQQ5-JHVlE0nB0If8Gx-Q5_cI2VQaDwj-x4VO9qzE2o1zes41NgyP1D85TODegPN6lNvpLMyexIBwl5LYP0WnpW9ZDKziUqVLkuJ4LTnl5jg9ZsbXQ2Q",
      "refresh_token": "...",
      "scope": "openid groups",
      "token_type": "Bearer"
    }
{
      "access_token": "...",
      "expires_in": 3600,
      "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTY2NjAwMDgwMCwiZXhwIjoxNjY4Njc5MjAwLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjI3NDQyL29pZGMvMiIsImF1ZCI6InNvbWUtY2xpZW50LWlkIn0.QLqLlhoZi7JnqTAYibPkIFPvmC88t4Z7AbUspSX8ENbEnK0NXV_hTxAXLA3-V7TjuIWlrJOvOT7BrHP3N39XV0Vb5pw_X4OY48ce9JQR46x5v3YeU4wgm48sWCIkwRVNDGV0_oF1Pr2Qa4egAVDzLDxtoqrgV4W_wjOI-jxv2r0NWeNvgsSH68PC0qTcgfuLG_k1Sf61CBS-_DKHGznD9gdHc3xJM2Rh3FLQQ5-JHVlE0nB0If8Gx-Q5_cI2VQaDwj-x4VO9qzE2o1zes41NgyP1D85TODegPN6lNvpLMyexIBwl5LYP0WnpW9ZDKziUqVLkuJ4LTnl5jg9ZsbXQ2Q",
      "refresh_token": "...",
      "scope": "openid groups",
      "token_type": "Bearer"
    }
I generated id_token at https://jwt.io/ but nextauth rejects the token failed to validate JWT signature Any suggestions how I could tackle this so nextauth would validate successfully the token and bypass me back to the application in development?
Want results from more Discord servers?
Add your server