Coder.comC
Coder.com3y ago
MrPeacock

OIDC Token in workspace has no valid signature

Hi @kyle I've updated yesterday immediatly to the newest v0.20.0 release to test OIDC Token. I'm able to pass the OIDC token into the workspace. At first everythings looks fine. But if I want use this token to get some very basic information from MS graph API I get an error.

curl -s -X GET -H "Authorization: Bearer ${CODER_TOKEN}" https://graph.microsoft.com/v1.0/me | jq .
{
  "error": {
    "code": "InvalidAuthenticationToken",
    "message": "Access token has expired or is not yet valid.",
    "innerError": {
      "date": "2023-03-23T01:46:40",
      "request-id": "vvvvvv",
      "client-request-id": "xxxxxx"
    }
  }
}


This is strange since I startet the workspace not long ago. BTW: With the current way to obtain the token it is not possible to get a fresh token into the workspace as a sidenote.

I went to https://jwt.io and pasted my token there in. The token can be decoded but something is wrong with the signature of it. It says "Invalid Signature".

@kyle can you test this too?
JWT.IO
JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
Was this page helpful?