Function to create a JWT

I am implementing an update to my IOS app to provide Sign in with Apple. Apples policy also demands the ability to revoke the user token. This requires the construction and presentation of a specific Json Web Token to the Apple REST API and I need to use an Atlas Function to structure a signed JWT (using my private key) for presentation to that API accordingly. However, I have been unable to obtain a token as I expected and simply receive the following message
{"message":"Value is not an object: undefined","name":"TypeError"}, HTTP Status Code=400}
on the line in my makeJWT function that is meant to get the token. I can confirm that I have (apparently successfully) added the jsonwebtoken package to dependencies.

const jwt = require('jsonwebtoken')
let token = jwt.sign({ ...});

To satisfy Apples requirements this has a reasonably extended and complicated object definition (represented by … in the brackets) and I suspected that I had made an error in constructing that. So to get past first base I created a simpler makeJWTTest function with a simpler payload to see if I can call jwt.sign({…}) successfully at all as follows:

exports = function(){
    const jwt = require('jsonwebtoken')
    let token = jwt.sign({ foo: 'bar' }, "secret", { algorithm: 'RS256' });
    return token;
};

…which I would expect to deliver a token (albeit one that would not be suitable for revoking an Apple token!).
But this also results in the same error message. I am clearly missing something fundamental. I should be grateful for any help that can be provided for me to make some progress to at least be able to generate a JWT (any JWT!). Thanks. Chris

I noticed another related post from Dec 22 titled:
[Can’t use JWT (jsonwebtoken) in mongodb realm functions to verify]
by @Bhushan_Bharat with comment from @Raphael_Eskander identifying the jsonwebtoken version as a potential cause due to incompatibilities between the latest versions of jsonwebtoken and the node version on which the Realm functions run. I have therefore tried changing the version of jsonwebtoken to both 8.0.0 and 8.5.1. Unfortunately that just changed the error.

> ran at 1689288343169
> took 
> error: 
'crypto' module: error signing message

Update. With jsonwebtoken at version 8.5.1 and the algorithm changed to HS512 or HS256 the signed token is created successfully. Requiring the use of the RS256 or ES256 algorithms however produces the crypto module error. Is there perhaps another dependency or environmental setting required to allow these algorithms to work as well?

In order to implement Sign In with Apple, I have been working through @Sonisan excellent post titled “Apple sign in: revoke token”, but came across the issues raised in this post, which with his direct help and advice and another useful post titled “Can’t use JWT (jsonwebtoken) in mongodb realm functions to verify” from by @Bhushan_Bharat with comment from @Raphael_Eskander have now been overcome.
Issue 1: Since his original post jsonwebtoken has been upgraded to version 9 which is incompatible with the node level in which the Mongo DB Realm functions run. As a result the jsonwebtoken dependency needs to be set at version 5.8.1.
Issue 2: you need to include the start and close parts of your private key (easily missed) ie include:

`-----BEGIN PRIVATE KEY-----`

`-----END PRIVATE KEY-----`

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.