Solved: Firebase auth checking with verify-jwt - Page 2

thomas · 08-01-2019 03:04 PM

Hello, im trying validate firebase tokens with Verify-JWT policy and dont know why im getting the error "Failed to parse key: policy(Verify-JWT-1) "

at the browser i get the token using:

fb.auth().currentUser.getIdToken()

and hardcoded the JavaScript policy that sets the user token and google public keys

context.setVariable("jwt-variable", ...)

// the contents of https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com

context.setVariable("public.jwks", {
  "keys": [
    {...

finally the JWT policy

<VerifyJWT async="false" continueOnError="false" enabled="true" name="Verify-JWT-1">
    <Algorithm>RS256</Algorithm>
    <Source>jwt-variable</Source>
    <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
    <PublicKey>
        <JWKS ref="public.jwks"/>
    </PublicKey>
</VerifyJWT>

thanks

dchiesa1

I tried your example on my current organization and it works successfully.

I also performed some additional tests on your Your trial organization, and encountered the same error you reported. Apparently your org does not have the update that allows it to retrieve from the JWKS uri.

unfortunately, I don't know when that trial organization will be updated.

I will check.

Update. The release engineers tell me that your pod will be updated soon, hoping for tomorrow.

View solution in original post