Error: Invalid token

Question

Error: Invalid token

Closed this issue 5 months ago · 4 comments

Hello, when I deploy the goflet in docker on my Windows local machine. Follwing error ouccurs:

The curl command generated by swagger is :

curl -X 'POST' \
  'http://localhost:8080/file/%2Fimage%2Flogo.png' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnb2ZsZXQiLCJpYXQiOjE3MTAwMDgxNTksIm5iZiI6MTcxMDAwODE1OSwicGVybWlzc2lvbnMiOlt7InBhdGgiOiIvZmlsZS9pbWFnZXMvKiIsIm1ldGhvZHMiOlsiUE9TVCJdfV19.f7TezQ0-c3-O21thziw5m95iqIuQvdcDPgzg5N1QB6Q' \
  -H 'Content-Type: multipart/form-data' \
  -F 'file=@logo.png;type=image/png'

And this is my goflect.json file:

{
  "debug": false,
  "swaggerEnabled": true,
  "logConfig": {
    "enabled": true,
    "level": "info"
  },
  "httpConfig": {
    "host": "0.0.0.0",
    "port": 8080,
    "cors": {
      "enabled": false,
      "origins": [
        "*"
      ],
      "methods": [
        "HEAD",
        "GET",
        "POST",
        "PUT",
        "DELETE",
        "OPTIONS"
      ],
      "headers": [
        "Content-Type",
        "Authorization"
      ]
    },
    "clientCache": {
      "enabled": true,
      "maxAge": 3600
    },
    "httpsConfig": {
      "enabled": false,
      "cert": "",
      "key": ""
    }
  },
  "fileConfig": {
    "baseFileStoragePath": "data",
    "allowFolderCreation": true,
    "uploadPath": "upload",
    "uploadLimit": 1073741824,
    "uploadTimeout": 7200,
    "maxPostSize": 20971520
  },
  "cacheConfig": {
    "cacheType": "MemoryCache",
    "MemoryCache": {
      "maxEntries": 1000,
      "defaultTTL": 60
    }
  },
  "imageConfig": {
    "defaultFormat": "jpeg",
    "allowedFormats": [
      "png",
      "jpeg",
      "gif"
    ],
    "strictMode": true,
    "allowedSizes": [
      16,
      32,
      64,
      128,
      256,
      512,
      1024
    ],
    "maxFileSize": 20971520,
    "maxWidth": 4096,
    "maxHeight": 4096
  },
  "jwtConfig": {
    "enabled": true,
    "algorithm": "HS256",
    "Security": {
      "signingKey": "goflet",
      "publicKey": "",
      "privateKey": ""
    },
    "trustedIssuers": null
  },
  "cronConfig": {
    "deleteEmptyFolder": 3600,
    "cleanOutdatedFile": 3600
  }
}

I really have no idea about this.

Answer 1 · 2024-05-20T11:40:24.000Z

After decoding your JWT, I found that the allowed path set in the JWT appears to be /file/images/*, while the actual requested path is /file/image/logo.png, which caused an error.

Answer 2 · 2024-05-20T11:48:33.000Z

Thanks, but when I change the path to /file/images/logo.png, the same error occur.

Answer 3 · 2024-05-20T12:07:42.000Z

Your JWT might have used the wrong secret key during the encryption process. According to your configuration, your secret key is goflet, but it seems that the secret key used for encryption of JWT is your-256-bit-secret.

Answer 4 · 2024-05-20T12:10:49.000Z

Your JWT might have used the wrong secret key during the encryption process. According to your configuration, your secret key is goflet, but it seems that the secret key used for encryption of JWT is your-256-bit-secret.

Many thanks. The problem has been solved.