Failed to verify JWS signature on Custom JWT with PnP SDK for React Native

Help - Plug n Play PnP React Native SDK
, ,
1

I have issues on creating a new wallet through the custom jwt flow on PnP SDK for React Native. I created a verifier, insert the right data (double checked), the JWKS endpoint is right, working and returns this set of keys:

{
         "kty":"RSA",
         "use":"sig",
         "n":"j2eR24WqEBeCex4CTsPeFcYJTXs55NLCc41XGq2YePxIkr_vQcnJETZa7_wkhlU3Jc1yqfdOVtsB....",
         "e":"AQAB",
         "kid":"hDHSD99ZhWftZeKYEOk2e",
         "x5t":"3ydM4whaqv1nq2tmRoIdpGgmV4U",
         "x5c":[
            "MIIDHTCCAgWgAwIBAgIJXs8xqP2Y6accMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMTIWRl...."
         ],
         "alg":"RS256"
      },

I’m creating the JWT on the backend signing it with this set of JWKS and using it to create the wallet. This is the decode token:

HEADER
{
  "alg": "HS256",
  "typ": "JWT",
  "kid": "hDHSD99ZhWftZeKYEOk2e"
}
PAYLOAD
{
  "sub": "spazioscientifico",
  "iss": "...",
  "aud": "...",
  "iat": 1698493794,
  "exp": 1699098594
}

In the frontend this is how I initialize and use the SDK:

const web3authTest = new Web3Auth(WebBrowser, SecureStore, {
        clientId: WEB3_AUTH_CLIENT_ID,
        network: OPENLOGIN_NETWORK.TESTNET,
        loginConfig: {
          jwt: {
            verifier: 'elysiumlab-testnet',
            typeOfLogin: LOGIN_PROVIDER.JWT,
            clientId: WEB3_AUTH_CLIENT_ID,
          },
        },
      })

await web3auth?.login({
        loginProvider: LOGIN_PROVIDER.JWT,
        redirectUrl: resolvedRedirectUrl,
        extraLoginOptions: {
          id_token: account.access_token, // Get jwt
          verifierIdField: 'sub', // auth0 generally uses sub as unique identifier
        },
      })

I’m using this version of the SDK: "@web3auth/react-native-sdk": "^5.0.0",

When trying to connect the jwt with the SDK I alway get this error:

Screenshot 2023-10-27 alle 5.59.49 PM
Screenshot 2023-10-27 alle 5.59.49 PM534×840 61.8 KB

What am I missing here? Is there anything wrong in the JWT structure?

Thank you very much

2

@gianmarco.guazzo Welcome Aboard!

Please make sure you are following this guide:

The error indicates the inability to verify your JWT token. Please refer to the below troubleshooting guide:

Could you try generating a fresh token and check?

3

Hi there @vjgee, thank you for the reply! I already saw these two guides but still getting familiar with JWKS. I have two questions:

  • The algorithm of the jwt should be RS256 or HS256? Here’s a jwt if you want to see the field: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImhaSEdDODBaaFdmdFplR0dFT2syZSJ9.eyJzdWIiOiJnaWFubmlicm8iLCJpc3MiOiJodHRwczovL2Rldi1mdTVmNDVucHdjNXh0Z2FkLnVzLmF1dGgwLmNvbS8iLCJhdWQiOiJodHRwczovL2VseXNpdW0tc2VydmVyLXN0YWdpbmcuaGVyb2t1YXBwLmNvbS8iLCJpYXQiOjE2OTg5MzYyNTIsImV4cCI6MTY5OTU0MTA1Mn0.3Q_l-ZPVzqnuj8VC_3oA2ItOHQ1vaz4YpU5DajtQ0I4

  • Since I’m using an Auth0 JWKS endpoint, should I use their initialization:

    Screenshot 2023-11-02 alle 4.09.23 PM
    Screenshot 2023-11-02 alle 4.09.23 PM971×683 85.8 KB

I’m trying to understand how this thing work but still having some issues. I think the problem it’s inside the login function on which I sign the jwt but let me know If you see any other issues here.

Thanks in advance

4

RS256

Yes, that is correct.

You can refer to this guide to clarify how to setup Auth0 with Web3Auth:

5

Thanks @vjgee solved with my own set of jwks! Thanks again

1 Like
6