[jira] [Work logged] (KNOX-2620) Signature algorithm mismatch in JWKS resource

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/KNOX-2620?focusedWorklogId=609403&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-609403
 ]

ASF GitHub Bot logged work on KNOX-2620:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 09/Jun/21 21:33
            Start Date: 09/Jun/21 21:33
    Worklog Time Spent: 10m 
      Work Description: smolnar82 opened a new pull request #457:
URL: https://github.com/apache/knox/pull/457


   ## What changes were proposed in this pull request?
   
   Populating and returning the appropriate signature algorithm in the response 
of Knox's JWKS endpoint.
   
   ## How was this patch tested?
   
   Updated and ran `org.apache.knox.gateway.service.knoxtoken.JWKSResourceTest` 
successfully.
   In addition to uni testing I re-deployed Knox locally and invoked the 
updated JWKS endpoint:
   ```
   curl -iku admin:admin-password 
https://localhost:8443/gateway/homepage/knoxtoken/api/v1/jwks.json
   HTTP/1.1 200 OK
   Date: Wed, 09 Jun 2021 21:29:26 GMT
   X-Frame-Options: SAMEORIGIN
   X-XSS-Protection: 1;mode=block
   Content-Type: application/json
   Content-Length: 462
   
   {
        "keys": [{
                "kty": "RSA",
                "e": "AQAB",
                "use": "sig",
                "kid": "1jmRkVmXLeT-XYd5D8SVccjvNRaqiHypUhZCsIgOoSU",
                "alg": "RS256",
                "n": 
"mQ57g6fP3KeCAnGR9CuWzh4qBbNQZeCPU6mb47mxu3SF-KPuHSwvJwhnxlBPpzIC-IbpZjg5EnOfXC9sEZMB2VxFeUAkHOqq8K0nMFDaTXLekaoCDAMYwQXhP3SlHiYcWm2B1JqfDgfG492UBONRZmeE-qOGycad0E8NhREfoMVJGWSpYP-kI9qPRs3fNw3UpVpc69AGU9KuAu5VnmuV6wsik_ZkC3EjAS6UrUbfDF2gDczWTyBHlw-JcjKrWahCdBf0XoKSE1tqF7gvdrvASVdtjfiT8aUjFaYj7NfvJHPgc1tdshzEy814dH6myJ-YssjRLuBmSkn17AbAB5BM5w"
        }]
   }
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 609403)
    Remaining Estimate: 0h
            Time Spent: 10m

> Signature algorithm mismatch in JWKS resource
> ---------------------------------------------
>
>                 Key: KNOX-2620
>                 URL: https://issues.apache.org/jira/browse/KNOX-2620
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 1.6.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> With KNOX-2570, a new public API endpoint got introduced which returns a JSON 
> that helps to verify the generated tokens. One of the JSON elements in the 
> response indicates the signature algorithm. This {{alg}} property is set to 
> {{RSA}} instead of the configured/default signature algorithm (this is 
> {{RS256}} if it's not overridden in the topology).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)