I have a web client and REST API that I’m trying to secure with JWT. I have the client-side Azure AD interaction working and I am successfully obtaining an id_token and an access_token.
For reasons I don’t yet understand, Azure AD puts the “roles” claim in the id_token and not in the access_token so I am passing both tokens to the server in the header of my https request to my REST services.
I am running a Grizzly + JAX-RS web server application and am trying to implement a ContainerRequestFilter that will validate the user’s role against the REST service they are requesting.
My problem is that in my ContainerRequestFilter I call:
DecodedJWT jwtIdent = JWT.decode(identificationHeader);
and it never returns, or the Grizzly thread dies, or some other catastrophe occurs; it never gets past this point, and there are no discernible exceptions.
Curiously, I have a standalone application that makes exactly the same call and it works perfectly.
Does anyone have any idea what might be going on?
The client-side request object is set up as such:
var request = {
    method: 'POST',
    url: url,
    headers: {
        'Content-Type': 'application/json;charset=utf-8',
        // access_token goes in the standard Authorization header
        'Authorization': "Bearer " + $scope.tokens.accessToken,
        // id_token (which carries the "roles" claim) goes in a custom header
        'Identification': $scope.tokens.idToken
    }
};
I am concerned that the “charset=utf8” may be interacting poorly with the decode call.
Thanks in advance.
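For comparison, here is an added example of the kind of ContainerRequestFilter the question describes; it is not the asker's code or any project's code. It assumes auth0 java-jwt 3.x (the library whose JWT.decode and DecodedJWT appear in the question), JAX-RS 2.x with the javax packages, and a hypothetical @RequiredRole annotation that marks the role a resource method needs. It reads the id_token from the custom "Identification" header, rejects a missing or malformed token with 401, and rejects a token without the required role with 403.

```java
// Added example, not the asker's code: a JAX-RS ContainerRequestFilter that reads the
// id_token from the custom "Identification" header, decodes it with auth0 java-jwt and
// rejects the request unless the token carries the role the resource requires.
// Assumptions: auth0 java-jwt 3.x on the classpath, JAX-RS 2.x (javax namespace), and a
// hypothetical @RequiredRole annotation declared below.
package example.security;

import com.auth0.jwt.JWT;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;

import javax.annotation.Priority;
import javax.ws.rs.Priorities;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import java.io.IOException;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.util.Collections;
import java.util.List;

@Provider
@Priority(Priorities.AUTHORIZATION)
public class RoleFilter implements ContainerRequestFilter {

    /** Hypothetical marker annotation: the role a resource method (or class) requires. */
    @Retention(RetentionPolicy.RUNTIME)
    @Target({ElementType.METHOD, ElementType.TYPE})
    public @interface RequiredRole {
        String value();
    }

    @Context
    private ResourceInfo resourceInfo;

    @Override
    public void filter(ContainerRequestContext ctx) throws IOException {
        RequiredRole required = resourceInfo.getResourceMethod().getAnnotation(RequiredRole.class);
        if (required == null) {
            required = resourceInfo.getResourceClass().getAnnotation(RequiredRole.class);
        }
        if (required == null) {
            return; // resource is not role-protected; let it through
        }

        String idToken = ctx.getHeaderString("Identification");
        if (idToken == null || idToken.trim().isEmpty()) {
            ctx.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
            return;
        }
        // Tolerate a "Bearer " prefix on the custom header so the decoder
        // only ever sees the three dot-separated token segments.
        if (idToken.regionMatches(true, 0, "Bearer ", 0, 7)) {
            idToken = idToken.substring(7).trim();
        }

        List<String> roles;
        try {
            // JWT.decode() only parses the token; it does NOT check the signature.
            // Before trusting any claim, verify it with
            // JWT.require(Algorithm.RSA256(issuerPublicKey, null)).build().verify(idToken)
            // using the issuer's published signing keys.
            DecodedJWT jwt = JWT.decode(idToken);
            roles = jwt.getClaim("roles").asList(String.class);
        } catch (JWTDecodeException e) {
            // Not a well-formed JWT (wrong segment count, bad base64, bad JSON).
            ctx.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
            return;
        }
        if (roles == null) {
            roles = Collections.emptyList(); // "roles" claim absent from this token
        }
        if (!roles.contains(required.value())) {
            ctx.abortWith(Response.status(Response.Status.FORBIDDEN).build());
        }
    }
}
```

Two things in the example matter in practice: JWT.decode throws JWTDecodeException (an unchecked exception) on any malformed input, so a filter that does not catch it can fail in ways the container reports poorly; and decode() performs no signature check at all, so the roles it yields are only trustworthy after the token has been verified against the issuer's keys.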