Hi. I am having a hard time to figure out how to make jwt work with kong kubernetes.
This is how installed kong.
kubectl apply -f https://bit.ly/k4k8s
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: app-jwt
config:
key_claim_name: kid
claims_to_verify:
- exp
plugin: jwt
apiVersion: configuration.konghq.com/v1
kind: KongConsumer
metadata:
name: admin
annotations:
kubernetes.io/ingress.class: kong
username: admin
credentials:
- app-secret
apiVersion: v1
kind: Secret
metadata:
name: app-secret
type: Opaque
data:
kongCredType: and0
key: YWRtaW4K
algorithm: UlMyNTY=
rsa_public_key: |
LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUNDZ0tDQWdFQTJsTmlTUFhwL0ZBTi9rTFhSUlI2bHgrOG5kdzgrYmk4SzRuMFZJdVpIcmxwbERTbmdxYUMKYzJtSlFqajVRdytZS2VEdExQVUVlY1VtUTRMRmxISXdXZkgxZVk4c0MzSDBUaTNjNzFMZjJYbTRadnc0d3pQVwpEY0dzWFBHS0c1dC8wUTFBZFVjMHA1YzZtVC9XUFhzbTdPcnRmekRIM0I2ckJvaFhIc21jSjFBOTZaN0lqNWY5CnhSMS83RlNkdjMxd1VFK0pCR3RtR0VvK0gzTDI1RUJ1RmN4eVUrbFlBK0hSellSL0lmWitRcVdZS25OOVRnUGMKKzVXdDQ2aUtScUo0WEFIYWtXQmJrYjZTK3FFMWI3QlpLYU10Rnc1RXU5djg3NTFReGJrQ3IrdktyME8zbjhGTQpXVGdvMmRmNW5oNktlTWp3bUhMYWhEcFNKZ2xDd0duWU1LOFNwQUw5UG9pMjNFdngybjFJaHZvR3hjc0h4ZFZmClhoOFVyZGVETi85d3l6U2ZCTGg5azBkZXRYUi9yK244ejVWOGNkQUVvZmZud3BXR1lIUSs0cWVjNVNjdlJMU2YKODRydTExNGVWK29SQm4xOVM3ekhKOWFlYUhWWTJqd0ozK0prTjE2NUdSaWVZb3hCRW1zNktEaTAvbCtoRVlkZgo5WFFBRzJnNFpxem1Xdm12d1FZdXZoNDRHb1JNZllzdUJNQ2MwWFNxTm9XZFFmZHZoN1Nicy9uaUhVekZUOENrCnh0bHFHM1lHTUZscDg1aW41YTNlcW1LSmVtZEdlbnFOSFByYVVrWldjdWF1MTYweUtSNVpHWWJIVGhNY3JicFEKZC9yMGNsZVBFbGtpWWNPQUtnb2p6YWE2cUszenA3WDljbTJEWU0vV1BzSDB2OExEb3ZDTXdRY0NBd0VBQVE9PQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCgo=
jet payload
{
"sub": "1234567890",
"name": "John Doe",
"admin": true,
"iat": 1516239022,
"exp": 1900000000,
"kid": "admin"
}
header
{
"alg": "RS256",
"typ": "JWT",
"kid": "admin"
}
So even after all this, i get
curl -i -H “Authorization: Bearer ${ADMIN_JWT}” $PROXY_IP/get
{"message":"No credentials found for given 'kid'"}%
Where i might be going wrong?