Hi @Dino
We are trying a scenario to generate and validate JWT based on your code sample in GitHub
https://github.com/apigee/iloveapis2015-jwt-jwe-jws/tree/master/jwt_signed/apiproxy
But we are getting an error when we try to deploy it using apigeetool. We are using the below command
apigeetool deployproxy -u username -o myorg -e test -n proxyname -d .
However we are getting an error and the error message is as below -
Deployment on test successful
"jwt_signed" Revision 1
error
environment = test
base path = /
Partial Failure: {"status":"deployed","type":["router"],"uUID":"128875b4-2e2c-48
03-ab44-ef03c2b27145"}Partial Failure: {"status":"deployed","type":["router"],"u
UID":"d1947fa3-0689-47b5-abef-d70e6e19e815"}Partial Failure: {"status":"deployed
","type":["router"],"uUID":"df2fbeec-b028-4d3c-bb96-a827b235166e"}
and we are not able to deploy the proxy. Also we noticed that the base path in the above message shows / while in the code it shows /jwt_signed.
Can you please check and guide us on what could be the issue.
Adding @Pranjali
Regards,
Shwetha
The basePath thing you noticed - is not an issue. There is a basepath for each proxy endpoint, and there is a distinct basepath for the proxy bundle. The proxy bundle basepath in your case is / . The proxy endpoint basepath is /jwt_signed.
As for why there is a "partial failure" message upon deployment, since the release of the jwt_signed example in 2015, the runtime security configuration for Apigee Edge has changed. This prevents Java code that uses reflection from being deployed. The jwt_signed example that previously worked without problem, now does not work. Unfortunately.
Apigee is actively working on an officially supported JWT policy. This should be ready within a few weeks. In the meantime you can try using nodejs code or a JS callout do do the signing and verification.
Hi @Dino,
I get the same (similar) failure (
Partial Failure: {"status":"deployed","type":["router"],"uUID":"...) when trying to deploy the oidc-core proxy from the Github OIDC demo (
https://github.com/DinoChiesa/Apigee-Edge-OIDC-Demonstration))
Has there also been a change in Edge which could explain the failure?
I recognized that when excluding the following policies:
<Name>Java-GenerateIdToken-1</Name>
<Name>Java-GenerateIdToken-2</Name>
the deployment succeeds (but so does not the tracing of course..)
Thanks for a hint!