Problem downloading credentials in the inji stack setup

Developer
1

I am running the inji stack setup that can be found in the inji-certify repository here: inji-certify/docker-compose/docker-compose-injistack at master · mosip/inji-certify.

After following all the steps, everything seems to be running normally, but every time I try to download a credential, I get this error after signing in with esignet:

image
image1728×663 77.9 KB

This is the part where I am stuck.

The logs in inji certify says:

org.springframework.security.oauth2.jwt.JwtValidationException: An error occurred while attempting to decode the Jwt: The iat claim is not valid

No Bearer / Opaque token provided, continue with the request chain

io.mosip.certify.core.exception.NotAuthenticatedException: invalid_token

My did is hosted in tomas-alexander.github.io/credenciales/farmer/did.json. Here it is:

{
  "assertionMethod": [
    "did:web:tomas-alexander.github.io:credenciales:farmer#key-0"
  ],
  "service": [],
  "id": "did:web:tomas-alexander.github.io:credenciales:farmer",
  "verificationMethod": [
    {
      "publicKeyMultibase": "z6MkvHNVc7iCqZwJkbzTZEBVSPeUyWNAk4RBjEamDo9CBsYd",
      "controller": "did:web:tomas-alexander.github.io:credenciales:farmer",
      "id": "did:web:tomas-alexander.github.io:credenciales:farmer#key-0",
      "type": "Ed25519VerificationKey2020",
      "@context": "https://w3id.org/security/suites/ed25519-2020/v1"
    }
  ],
  "@context": [
    "https://www.w3.org/ns/did/v1"
  ],
  "alsoKnownAs": [],
  "authentication": [
    "did:web:tomas-alexander.github.io:credenciales:farmer#key-0"
  ]
}

These are the URI I use in certify-csvdp-farmer.properties:

mosip.certify.data-provider-plugin.issuer-uri=did:web:tomas-alexander.github.io:credenciales:farmer
mosip.certify.data-provider-plugin.issuer-public-key-uri=did:web:tomas-alexander.github.io:credenciales:farmer#key-0

Mimoto error log:

org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 : "{"error":"invalid_token","error_description":"invalid_token"}"

Inji-web error log:

"POST /v1/mimoto/credentials/download HTTP/1.1" 500 128 "http://localhost:3001/redirect?state=jz92iPDFsDiJ_nC8-HMq3H8xQOl6nAQFv5Hzxg8.ECu&code=5vBHJecXvPDv-9ijSB6MAC3_hB1k-0i24nSbeEg-pg8" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 Edg/135.0.0.0" "-"

How can I solve this invalid token error?

2

I also confirmed that the did is the same as the one in localhost:8090/v1/certify/issuance/.well-known/did.json

3

Dear @TomasOGTIC ,

Thank you for reaching out, One of our expert colleagues will respond to your query here.

Best Regards
Team MOSIP

4

Hi @TomasOGTIC,

Thanks for trying out Inji Stack.

Can you check if your machine’s time is correctly synced with the time servers? A good way to do this is to open https://time.is/ on your browser. If you get " Your time is exact!" on the above page, it may be due to another issue, if it does not you’d have to sync your machines’ time with an NTP server.

1 Like
5

Thank you! It was actually that. I was ahead by 23 seconds :smiling_face_with_tear:

1 Like