error while running API "JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted."

See original GitHub issue

Hi,

can someone please help me to understand this error.

2017-06-09 16:03:18,919 INFO  com.capitalone.dashboard.Application - Started Application in 53.586 seconds (JVM running for 64.541)
2017-06-09 16:04:15,613 INFO  o.a.c.c.C.[.[localhost].[/api] - Initializing Spring FrameworkServlet 'dispatcherServlet'
2017-06-09 16:04:15,613 INFO  o.s.web.servlet.DispatcherServlet - FrameworkServlet 'dispatcherServlet': initialization started
2017-06-09 16:04:15,637 INFO  o.s.web.servlet.DispatcherServlet - FrameworkServlet 'dispatcherServlet': initialization completed in 24 ms
2017-06-09 16:04:15,760 ERROR o.a.c.c.C.[.[.[.[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [/api] threw exception
io.jsonwebtoken.SignatureException: JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.
        at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:342) ~[jjwt-0.6.0.jar!/:0.6.0]
        at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:458) ~[jjwt-0.6.0.jar!/:0.6.0]
        at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:518) ~[jjwt-0.6.0.jar!/:0.6.0]
        at com.capitalone.dashboard.auth.token.TokenAuthenticationServiceImpl.getAuthentication(TokenAuthenticationServiceImpl.java:59) ~[api.jar!/:2.0.5-SNAPSHOT]
        at com.capitalone.dashboard.auth.token.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:28) ~[api.jar!/:2.0.5-SNAPSHOT]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RE

I am getting this error regarding key. I am not able to use the key which i got from core service as mentioned here https://github.com/capitalone/Hygieia/tree/master/UI#encryption-for-private-repos
I got the key, I have copied into api.properties as well as bitbucket.properties (I am trying to use this with bitbucket) due to this, I am not able to authenticate bitbucket URL and it’s giving me unauthorized as

2017-06-08 20:34:00,086 ERROR c.c.d.c.DefaultBitbucketCloudClient - 401 Unauthorized:https://bitbucket.org/api/2.0/repositories/awsagero/testapi/commits?sha=master&since=2017-06-08T20:22Z2

before adding this key in api.properties i was not getting any error. But now i am getting this error even if i remove key form api.properties, can someone please help me with this issue.

Thank you

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:9 (1 by maintainers)

github_iconTop GitHub Comments

2reactions
Saurabbhhcommented, Oct 11, 2017

Hello Everyone, this issue can be solved by running gulp serve again without closing the previous one. By this, UI will run on a new port and run that url in incognito mode of your browser. There is some issue with the cache memory. Try this method, it worked for me

1reaction
irvingoecommented, Jun 9, 2017

I got that issue yesterday when I fetch the latest changes. The way I fixed it was running mvn clean package install again from Hygieia root folder, then I was also having problems specifically related to a dashboard I created “manually” in MongoDB, I created a new dashboard and then it was all good. Another “hotfix” I did in my development was to make sure I was logged out before running ‘gulp serve’ again

Read more comments on GitHub >

github_iconTop Results From Across the Web

JWT signature does not match locally computed ...
SignatureException : JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted. at io.
Read more >
JWT signature does not match locally computed ...
JWT validity cannot be asserted and should not be trusted message, but further retry with different pod confirms that the jwt is not...
Read more >
TheHive-Project/TheHive - Gitter
JWT validity cannot be asserted and should not be trusted. ... JWT signature in the cookie does not match the locally computed signature...
Read more >
Freshchat API responds with "JWT signature does not match ...
Freshchat API responds with "JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.
Read more >
Troubleshooting the Modeling Service
An error occurs when restoring the IdToken: JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found