mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2026-07-16 08:54:01 -05:00
Error decoding JWT #4400
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @talan-z on GitHub (Jul 26, 2020).
Hello!
I have below issue. Hopefully there is an easy fix!
Subject of the issue
I created a new organization and invited a friend to join. Upon clicking the link, filling up the new account information, and submitting, the following appears on the webpage: Error decoding JWT.
Your environment
Relevant logs
bitwarden_1 | [2020-07-26 14:12:36][request][INFO] GET /api/organizations/a52078e7-0de5-455c-93f9-872937062640/policies/token?token=eyJ0eXAiOiJKV1QiLCJhbGci
bitwarden_1 | [2020-07-26 14:12:36][error][ERROR] Error decoding JWT.
bitwarden_1 | [CAUSE] Error(
bitwarden_1 | ExpiredSignature,
bitwarden_1 | )
bitwarden_1 | [2020-07-26 14:12:36][response][INFO] GET /api/organizations/<org_id>/policies/token? (list_policies_token) => 400 Bad Request
bitwarden_1 | [2020-07-26 14:12:50][request][INFO] POST /api/accounts/register
bitwarden_1 | [2020-07-26 14:12:50][error][ERROR] Error decoding JWT.
bitwarden_1 | [CAUSE] Error(
bitwarden_1 | ExpiredSignature,
bitwarden_1 | )
bitwarden_1 | [2020-07-26 14:12:50][response][INFO] POST /api/accounts/register (register) => 400 Bad Request
Thank you,
Philipp
@dani-garcia commented on GitHub (Jul 26, 2020):
The emails expire after five days I think, did he open the link after that time has passed?
@BlackDex commented on GitHub (Oct 9, 2020):
Closing this long open issue. Please feel free to reopen if it is still not resolved 😄.
@ItsShadowCone commented on GitHub (Apr 26, 2021):
As of currently, this is still the case. Also the email does not say anything about the five day limit.
We should provide a different error message if token decoding fails due to expiration, especially for invite links.
@BlackDex commented on GitHub (Apr 26, 2021):
Well, the fefault value is 5 for upstream (although you can configure it there if self-hosted).
But it also does not mention this limit anywhere as far i can remember.
Though, we maybe can try to change the message maybe.
@BlackDex commented on GitHub (Jun 21, 2021):
I'm going to close this again, as we want to try and keep as close as possible to upstream.
If someone really want's to implement something regarding this we may accept a well written PR.
But in my opinion, it will only add more complexity since all tokens use the same decoding function.