ES256 is not a supported algorithm when logging with Inrupt.com (Pod Spaces) account
acailly opened this issue · 1 comments
Hi,
When logging with an Inrupt.com account (a.k.a Pod Spaces, https://signup.pod.inrupt.com/) on several apps, I find the following error in the console: normalizedAlgorithm.importKey is not a function after trying to access other users data which are hosted in a NSS instance
After setting up a local Node Solid Server instance and reproducing the bug, I found the problem occurs here: https://github.com/solid/jose/blob/main/src/jose/JWA.js#L90
I logged around this line to get more info:
Expand to see logs
normalizedAlgorithm: {
"message": "ES256 is not a supported algorithm"
}
supportedAlgorithms: {
"sign": {
"HS256": {
"params": {
"name": "HMAC",
"hash": {
"name": "SHA-256"
}
}
},
"HS384": {
"params": {
"name": "HMAC",
"hash": {
"name": "SHA-384"
}
}
},
"HS512": {
"params": {
"name": "HMAC",
"hash": {
"name": "SHA-512"
}
}
},
"RS256": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-256"
}
}
},
"RS384": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-384"
}
}
},
"RS512": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-512"
}
}
},
"none": {}
},
"verify": {
"HS256": {
"params": {
"name": "HMAC",
"hash": {
"name": "SHA-256"
}
}
},
"HS384": {
"params": {
"name": "HMAC",
"hash": {
"name": "SHA-384"
}
}
},
"HS512": {
"params": {
"name": "HMAC",
"hash": {
"name": "SHA-512"
}
}
},
"RS256": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-256"
}
}
},
"RS384": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-384"
}
}
},
"RS512": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-512"
}
}
},
"none": {}
},
"encrypt": {},
"decrypt": {},
"importKey": {
"RS256": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-256"
}
}
},
"RS384": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-384"
}
}
},
"RS512": {
"params": {
"name": "RSASSA-PKCS1-v1_5",
"hash": {
"name": "SHA-512"
}
}
}
}
}
key.alg: "ES256"And this file seems to confirm the absence of E256: https://github.com/solid/jose/blob/main/src/algorithms/index.js#L58
Does it mean that inrupt.com (and I guess other ESS based accounts) are currently not compatible with node-solid-server?
Hey, i tested this locally after doing npm update. You could double check, but it seems to be resolved by nodeSolidServer/jose#19 as well. May take some time before showing up in production servers though...