Device: iPhone iPhone OS: 16.5.1 App: 1.14.4 ---------- [2023-07-11 03:57:50] Initializing the app... [2023-07-11 03:57:50] ...app initialization completed! [2023-07-11 03:57:50] Verifying data integrity... [2023-07-11 03:57:50] ...data integrity verification finished [2023-07-11 03:57:50] Fetching server configuration... [2023-07-11 03:57:50] ...server configuration fetching skipped! [2023-07-11 03:57:51] [F7134D8A-D644-409B-87D8-AF1F8F57054D] HTTP GET /lookup [2023-07-11 03:57:51] [F7134D8A-D644-409B-87D8-AF1F8F57054D] HTTP 200 /lookup [2023-07-11 03:57:51] [D0B0C7E8-7A62-484E-AE1B-0F157EBBE8F0] HTTP GET /img/avatar/user_medium.png [2023-07-11 03:57:52] [D0B0C7E8-7A62-484E-AE1B-0F157EBBE8F0] HTTP 200 /img/avatar/user_medium.png [2023-07-11 03:58:01] Beginning authorization... [2023-07-11 03:58:02] ...creating new access token... [2023-07-11 03:58:02] ...fetching server public RSA key... [2023-07-11 03:58:02] ...fetching server public PGP key... [2023-07-11 03:58:02] [76C8D9E4-A1C2-4839-A167-30C1ED73D85F] HTTP GET /auth/verify.json [2023-07-11 03:58:02] [1022FD2E-D7AC-46E8-8FFA-0764BCF2CFF2] HTTP GET /auth/jwt/rsa.json [2023-07-11 03:58:02] [1022FD2E-D7AC-46E8-8FFA-0764BCF2CFF2] HTTP 200 /auth/jwt/rsa.json [2023-07-11 03:58:02] [76C8D9E4-A1C2-4839-A167-30C1ED73D85F] HTTP 200 /auth/verify.json [2023-07-11 03:58:02] ...verifying server public PGP key... [2023-07-11 03:58:02] ...preparing authorization challenge... [2023-07-11 03:58:02] [6DDE6047-9B1A-4291-81FA-9CB3169AC685] HTTP POST /auth/jwt/login.json [2023-07-11 03:58:02] [6DDE6047-9B1A-4291-81FA-9CB3169AC685] HTTP 200 /auth/jwt/login.json [2023-07-11 03:58:03] Access token signature verification failed [2023-07-11 03:58:03] ...authorization failed! [2023-07-11 03:58:03] Access token signature verification failed
I’m having difficulty debugging and getting past a “Access token signature verification” failure when logging into a self hosted version of passbolt using IOS that i am running on a kubernetes cluster. To deploy it i used the helm charts that the passbolt team published on github. As it stands the web and browser plugin works though when i attempt to login via the ios app i get the above error.
Here are my attempts to debug this.
- Checked the kubernetes ingress to see if it was blocking anything, i could not definitly tell since I had a hard time determining how the ios app was authinticatin itself it seems to be hitting api endpoints that are not documented. So this could be the issue though i dont think so.
- I noticed that the version of passbolt deployed from the helm chart was out of date so i deployed the most recent version using docker-compose keeping the networking identical between the machine running docker-compose and kubernetes, to see if i messed up some networking config on the edge. The version of passbolt using docker-compose worked as intented. So maybe there is a bug in passbolt 4.0.2?
- Changed ENV PASSBOLT_AUTH_JWT_ACCESS_TOKEN, PASSBOLT_AUTH_LOGIN_TOKEN_EXPIRY, PASSBOLT_AUTH_MOBILE_TRANSFER_TOKEN_EXPIRY; to longer times seeing if it was a timing difference between my phone and the server, did not work.
My next idea is to go through the steps to upgrade the container image that helm is deploying to see if that fixes the issue.
If that idea fails it would be great to hear if anyone has any ideas on additional steps i could take to help debug this.