mauroporras opened a new issue #2886: URL: https://github.com/apache/couchdb/issues/2886
## Description I tried to add the `iss` claim as required, as indicated in the docs: https://docs.couchdb.org/en/stable/config/auth.html#jwt_auth/required_claims, but it's throwing `Invalid iss claim`. ## Steps to Reproduce I put this in my `local.ini` file: ``` [jwt_auth] ; List of claims to validate required_claims = iss ; [jwt_keys] ; Configure at least one key here if using the JWT auth handler. ; If your JWT tokens do not include a "kid" attribute, use "_default" ; as the config key, otherwise use the kid as the config key. ; Examples hmac:_default = aGVsbG8= hmac:foo = Zm9v ; The config values can represent symmetric and asymmetrics keys. ; For symmetrics keys, the value is base64 encoded; ; hmac:_default = aGVsbG8= # base64-encoded form of "hello" ; For asymmetric keys, the value is the PEM encoding of the public ; key with newlines replaced with the escape sequence \n. ; rsa:foo = -----BEGIN PUBLIC KEY-----\nMIIBIjAN...IDAQAB\n-----END PUBLIC KEY-----\n ; ec:bar = -----BEGIN PUBLIC KEY-----\nMHYwEAYHK...AzztRs\n-----END PUBLIC KEY-----\n ``` ## Expected Behaviour A `Bad Request` error if the `iss` claim is missing. ## Your Environment * CouchDB version used: 3.1.0 * Browser name and version: Google Chrome Version 81.0.4044.138 (Official Build) (64-bit) * Operating system and version: Ubuntu 20.04, installed from the Apache CouchDB package repository. ## Additional Context Stack trace: ``` [error] 2020-05-14T14:42:13.663783Z [email protected] <0.15084.6> b05a2bae1a req_err(1032618818) unknown_error : badarg [<<"erlang:list_to_existing_atom/1">>,<<"couch_httpd_auth:-get_configured_claims/0-lc$^0/1-0-/1 L216">>,<<"couch_httpd_auth:jwt_authentication_handler/1 L194">>,<<"chttpd:authenticate_request/2 L531">>,<<"chttpd:process_request/1 L303">>,<<"chttpd:handle_request_int/1 L243">>,<<"mochiweb_http:headers/6 L150">>,<<"proc_lib:init_p_do_apply/3 L247">>] [notice] 2020-05-14T14:42:13.663999Z [email protected] <0.15084.6> b05a2bae1a 34.66.61.236:5984 186.80.28.26 undefined GET /zea/_all_docs 500 ok 1 ``` Thank you. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
