Trying to verify idToken on server side, getting TypeError : {} proto: TyprError

[shahbaz17]

Using Server Side Verification codes from https://web3auth.io/docs/server-side-verification/social-login-users

Asked by Hayri Calboru on Telegram Developer Group

[calboru]

Using Server Side Verification codes from https://web3auth.io/docs/server-side-verification/social-login-users

Asked by Hayri Calboru on Telegram Developer Group

const jwks = jose.createRemoteJWKSet(
new URL('https://api.openlogin.com/jwks')
);

try {
// Verify the JWT using Web3Auth's JWKS
const jwtDecoded = await jose.jwtVerify(
'idToken RECEIVED FROM AUTH RESPONSE ',
jwks,
{ algorithms: ['ES256'] }
);

console.log(jwtDecoded);
} catch (err) {
console.log(err);
}
};

ERROR:
TypeError {}
proto: TypeError

Reproduceble in here:

https://stackblitz.com/edit/react-ts-5ezavp?file=App.tsx

[shahbaz17]

Yes, recently updated the docs. Like few weeks back.

Is it working now?

[shahbaz17]

Oh my bad. You're using it for Socials. and JWKS endpoint is correct.

// Get the JWK set used to sign the JWT issued by Web3Auth
const jwks = jose.createRemoteJWKSet(new URL("https://api.openlogin.com/jwks"));

[shahbaz17]

Which web3auth package are you using to generate the idToken?

Also, please share the idToken received from web3auth here.

[calboru]

It is not working with the url provided above. I get TypeError

[shahbaz17]

Use https://api.openlogin.com/jwks as JWKS

Also, the idToken must be obtained new each time. iss should be less than 120 seconds.

[calboru]

ID TOKEN:
eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlRZT2dnXy01RU9FYmxhWS1WVlJZcVZhREFncHRuZktWNDUzNU1aUEMwdzAifQ.eyJpYXQiOjE2NjE4NTQ5ODUsImF1ZCI6IkJQdVNWOFFhLU5XTWxJa3F2WXJvMkJEeUtNaG1vUkJuTjlpT205WmMxalhfekFYVk8wcmhzSmxDcmQ4YmJkbWpoOUk3WHBKXzZLX1p3QTVIaTc5UlNIVSIsIm5vbmNlIjoiMDM1ZDczNTc1ZmQ1OGUyMjFkM2MzOTUzZTg5YTJjOWQzNjc1OTkzYjYyZTNkNDRhMDA0YjAwMDI0MDExOWM1NGY3IiwiaXNzIjoiaHR0cHM6Ly9hcGkub3BlbmxvZ2luLmNvbSIsIndhbGxldHMiOlt7InB1YmxpY19rZXkiOiIwMjI1MGQ0MzliMjdkN2ZmNjY1Y2ZhMzcyMWU0MzNjNzcyN2Y2YzcxNTBkOTAxZjYyODc3MjFmZmI2ZWNhMGQ2YmEiLCJ0eXBlIjoid2ViM2F1dGhfYXBwX2tleSIsImN1cnZlIjoic2VjcDI1NmsxIn1dLCJlbWFpbCI6Im9rYW5ncmF5d29sZkBnbWFpbC5jb20iLCJuYW1lIjoiT2thbiBHcmF5d29sZiIsInByb2ZpbGVJbWFnZSI6Imh0dHBzOi8vcGJzLnR3aW1nLmNvbS9wcm9maWxlX2ltYWdlcy8xNTE5NjcwOTI3ODAxNDM0MTE0L0NUZk1YcUh1X25vcm1hbC5qcGciLCJ2ZXJpZmllciI6InRvcnVzIiwidmVyaWZpZXJJZCI6InR3aXR0ZXJ8MTUxNTQxMjYwMTgyNzcwMDc0MSIsImFnZ3JlZ2F0ZVZlcmlmaWVyIjoidGtleS1hdXRoMC10d2l0dGVyLWxyYyIsImV4cCI6MTY2MTk0MTM4NX0.IBu4EY9gglE9iZICkdFq7vrtchpiP8vllzZpH0Gs06z5z81Dm2tyCOg3gAiBkDGixQtgDL_XjEQXe5R_CYZYwg

[calboru]

I am using "@web3auth/react-native-sdk";

[shahbaz17]

Below code would be running at your backend (Node):

import * as jose from "jose"

// Get the JWK set used to sign the JWT issued by Web3Auth
const jwks = jose.createRemoteJWKSet(new URL("https://api.openlogin.com/jwks"));

// Verify the JWT using Web3Auth's JWKS
const jwtDecoded = await jose.jwtVerify(idToken, jwks, { algorithms: ["ES256"] });

[calboru]

So this would not work on the browser such as StackBlitz? Can you check following server side code please?

https://stackblitz.com/edit/react-ts-5ezavp?file=App.tsx

This is with new Id token less than 120 second.

[shahbaz17]

I just tried it locally, and it's working. See the screenshot attached. It may be StackBlitz error. Try running in a Node.js app.

[calboru]

Thank you Shabaz.

[calboru]

Confirmed!. It is working on node.js environment. It is not working on Stackblitz.