I have added "Generate JWT-1" and added in assign message
so in response, I got JWT.
so above all configuration is in on reverse proxy called
/genratejwttoken
Now i have created a new proxy called Varify Jwt
/varifyjwt Verify JWT-1 policy but when i try to access it I got below error.
"{"fault":{"faultstring":"NullPointerException","detail":{"errorcode":"Internal Server Error"}}}"
Can you please check the trace and show what error you see to help you further?
Error Headers | |
Content-Type | Error Content |
---|---|
Body | Properties |
action | ABORT |
stepDefinition-async | false |
internal | false |
stepDefinition-type | |
type | VerifyJWTStepExecution |
enforcement | request |
stepDefinition-continueOnError | false |
stepDefinition-displayName | Verify JWT-1 |
stepDefinition-name | Verify-JWT-1 |
stepDefinition-enabled | true |
result | false |
error | null |
type | ErrorPoint |
state | PROXY_REQ_FLOW |
error.class | java.lang.NullPointerException |
Identifier | fault |
That's unfortunate.
There are some cases in which VerifyJWT fails to handle the inbound source JWT properly.
Can you show the configuration for the VerifyJWT policy?
What do you use for Source?
Do you have a JWT in that variable?
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <VerifyJWT async="false" continueOnError="false" enabled="true" name="Verify-JWT-1"> <DisplayName>Verify JWT-1</DisplayName> <Algorithm>HS256</Algorithm>
<Source>jwt-variable</Source>
<SecretKey>
<Value ref="private.key"/>
</SecretKey>
<Subject>subject-subject</Subject> <Issuer>urn://apigee-edge-JWT-policy-test</Issuer> <Audience>audience1,audience2</Audience> <AdditionalClaims> <Claim name="additional-claim-name" type="string">additional-claim-value-goes-here</Claim> </AdditionalClaims> </VerifyJWT>
How are you sending the JWT token?
If you are passing the JWT in the Authorization header, you do not need to include the Source element in the policy.
No success after remove source also same issue
Where is the JWT? How is the JWT being passed in, with the API request?
Did you verify that the Authorization header contains a string of the form "Bearer $JWT"?
i dont want to pass. i want to get json token missing response as error
but its giving diffrent reponse like below
"{"fault":{"faultstring":"NullPointerException","detail":{"errorcode":"Internal Server Error"}}}"
I think we are solving the problem that the VerifyJWT policy is throwing an error.
The purpose of the VerifyJWT policy is to Verify a JWT. In order to verify a JWT, you must have a JWT. The way the policy works: it retrieves the JWT from a context variable that you specify.
I don't understand your comment:
i dont want to pass. i want to get json token
You must have a JWT to verify if you want to verify it. It makes no sense to use VerifyJWT if you don't have a JWT. If you want to generate a token, use the GenerateJWT policy. IF you don't want to verify a JWT, don't use the VerifyJWT policy.
For further details I direct you to the very helpful documentation on these policies.
please check video
https://docs.apigee.com/api-platform/reference/policies/verify-jwt-policy
in this document.
they are not passing token and at that time they are getting diffrent error not
"{"fault":{"faultstring":"NullPointerException","detail":{"errorcode":"Internal Server Error"}}}"
I don't know what problem we are trying to solve right now.
What is the problem?
please check video
I'm not interested in looking at a video contained in the Apigee docs. Explain YOUR PROBLEM to me, in your words. Your explanation of the problem up until now are not sufficient. Try to use more words, and more sentences than you think are necessary. I am utterly unclear at this point, even after all the back and forth, as to your problem. So take it slow and give me all the details.
Explanations like "i dont want to pass. i want to get token" and "please check video" are not helpful to me. That clarifies nothing. You will need to elaborate in much more detail if you'd like to get some help. Use nouns, verbs, subjects and predicates. Paragraphs. EXPLAIN. Address ALL THREE questions I posed above.
i m trying JWT varification policy
without passing it
errocode: step.jwt.InvalidToken
{"fault":{"faultstring":"NullPointerException","detail":{"errorcode":"Internal Server Error"}}}
There's an error in the VerifyJWT policy that results in this unexpected behavior. We've previously logged this error and have a fix which will be released as soon as we can release it. In the meantime you will have to work around this behavior.
I'm sorry for the inconvenience.
ohh ok thank you for reponse
User | Count |
---|---|
3 | |
2 | |
1 | |
1 | |
1 |