Problem downloading credentials in the inji stack setup

I am running the inji stack setup that can be found in the inji-certify repository here: inji-certify/docker-compose/docker-compose-injistack at master · mosip/inji-certify.

After following all the steps, everything seems to be running normally, but every time I try to download a credential, I get this error after signing in with esignet:

This is the part where I am stuck.

The logs in inji certify says:

org.springframework.security.oauth2.jwt.JwtValidationException: An error occurred while attempting to decode the Jwt: The iat claim is not valid
No Bearer / Opaque token provided, continue with the request chain
io.mosip.certify.core.exception.NotAuthenticatedException: invalid_token

My did is hosted in tomas-alexander.github.io/credenciales/farmer/did.json. Here it is:

{
  "assertionMethod": [
    "did:web:tomas-alexander.github.io:credenciales:farmer#key-0"
  ],
  "service": [],
  "id": "did:web:tomas-alexander.github.io:credenciales:farmer",
  "verificationMethod": [
    {
      "publicKeyMultibase": "z6MkvHNVc7iCqZwJkbzTZEBVSPeUyWNAk4RBjEamDo9CBsYd",
      "controller": "did:web:tomas-alexander.github.io:credenciales:farmer",
      "id": "did:web:tomas-alexander.github.io:credenciales:farmer#key-0",
      "type": "Ed25519VerificationKey2020",
      "@context": "https://w3id.org/security/suites/ed25519-2020/v1"
    }
  ],
  "@context": [
    "https://www.w3.org/ns/did/v1"
  ],
  "alsoKnownAs": [],
  "authentication": [
    "did:web:tomas-alexander.github.io:credenciales:farmer#key-0"
  ]
}

These are the URI I use in certify-csvdp-farmer.properties:

mosip.certify.data-provider-plugin.issuer-uri=did:web:tomas-alexander.github.io:credenciales:farmer
mosip.certify.data-provider-plugin.issuer-public-key-uri=did:web:tomas-alexander.github.io:credenciales:farmer#key-0

Mimoto error log:

org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 : "{"error":"invalid_token","error_description":"invalid_token"}"

Inji-web error log:

"POST /v1/mimoto/credentials/download HTTP/1.1" 500 128 "http://localhost:3001/redirect?state=jz92iPDFsDiJ_nC8-HMq3H8xQOl6nAQFv5Hzxg8.ECu&code=5vBHJecXvPDv-9ijSB6MAC3_hB1k-0i24nSbeEg-pg8" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 Edg/135.0.0.0" "-"

How can I solve this invalid token error?

I also confirmed that the did is the same as the one in localhost:8090/v1/certify/issuance/.well-known/did.json

Dear @TomasOGTIC ,

Thank you for reaching out, One of our expert colleagues will respond to your query here.

Best Regards
Team MOSIP

Hi @TomasOGTIC,

Thanks for trying out Inji Stack.

Can you check if your machine’s time is correctly synced with the time servers? A good way to do this is to open https://time.is/ on your browser. If you get " Your time is exact!" on the above page, it may be due to another issue, if it does not you’d have to sync your machines’ time with an NTP server.

1 Like

Thank you! It was actually that. I was ahead by 23 seconds :smiling_face_with_tear:

1 Like

Hi @TomasOGTIC,

Just checking in — is everything working fine now?
If you’re still facing any issues, please let us know. We’d be happy to assist!

Best regards,
Team MOSIP

Hi @sanchi-singh24 ,

I was able to download credentials from the .csv file succesfully. Thank you for the support.

Right now I am trying to use the PostgreSQL plugin but I am a little lost in how I should implement it. But that’s probably for another question and another thread.

That being said, is it possible to use the PostgreSQL plugin that can be found in mosip/inji-certify: Repository hosts the source code, documentation, and other related files for the Inji Certify project in the inji stack setup that can be found in inji-certify/docker-compose/docker-compose-injistack/README.md at master · mosip/inji-certify?

If it’s possible I can open another question to express my doubts

Hi @TomasOGTIC

yes you can follow the steps mentioned in the link you shared to setup certify with postgres SQL. it is supported.

Regards,
Varaniya S
On behalf of MOSIP

Hi @TomasOGTIC ,

You can use PostgresSQL plugin in the docker compose example, you’d have to create relevant entries in the Postgres pod and configure it accordingly.

However, I’d like to know if there’s any reason or preference for wanting to try out the same? We made docker compose injistack as a 10minute setup for demo(s) and a single node testing/VC design-generation-download-verification journey and purposefully kept the README minimal.

Here’s the README for configuring the Postgres dataprovider plugin., if you have a specific usecase, do use it and share feedback.

How do u manage to do this? Mine is behind with 0.06 seconds!!

How do u manage to do this? Mine is behind with 0.06 seconds!!

For now, you’d have to sync your machine time with an NTP server, but worry not, a 0.06 second delay shouldn’t be causing a VC download failure IMO.

Your Operating system might be scheduled to do this on a more frequent basis, but you can also trigger it by yourself.

1 Like