Trying to process a token + secret.
On jwt.io token looks fine and is verified.
var FLocalSecret := TEncoding.UTF8.GetBytes(LocalSecret);
var JWT := TJOSE.DeserializeOnly(Token);
try
var Builder: IJOSEConsumerBuilder;
if (assigned(JWT.Claims.JSON.Values['TYPE']) and (JWT.Claims.JSON.Values['TYPE'].AsType < string >= 'LOC')) then
begin
// Build consumer for LocalSecret
Builder := TJOSEConsumerBuilder.NewConsumer.SetVerificationKey
(FLocalSecret).SetExpectedAlgorithms([TJOSEAlgorithmId.HS256]);
end
else
begin
// Build consumer for AppSecret
end;
Builder.SetAllowedClockSkew(0, TJOSETimeUnit.Seconds);
Builder.SetRequireIssuedAt;
var Consumer := Builder.Build;
Consumer.Process(Token); // <<< JWS signature is invalid: ..
However, I receive the following error message: “JWS signature is invalid: ..”
Sample project
TokenTest.zip (5.9 KB)
What am I doing wrong?