Skip to content

fix(oauth): prevent panic when using JWK auth #536

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
milas wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(oauth): prevent panic when using JWK auth #536

milas wants to merge 1 commit into from

Conversation

@milas
Copy link

@milas milas commented Aug 20, 2025

Summary

When building the client assertion for JWK auth mode, "" is being passed for the client ID and nil is being passed for the signer.

SDK config:

okta.WithAuthorizationMode("JWK")
okta.WithJWK(jwkValue)
okta.WithEncryptionType("RSA")

Panic:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x20 pc=0x103232ab8]

goroutine 1 [running]:
github.com/go-jose/go-jose/v3/jwt.(*signedBuilder).sign(0x1400016cd08)
	/Users/milas/dev/go/pkg/mod/github.com/go-jose/go-jose/[email protected]/jwt/builder.go:225 +0x58
github.com/go-jose/go-jose/v3/jwt.(*signedBuilder).CompactSerialize(0x0?)
	/Users/milas/dev/go/pkg/mod/github.com/go-jose/go-jose/[email protected]/jwt/builder.go:198 +0x1c
github.com/okta/okta-sdk-golang/v5/okta.createClientAssertion({0x103424595, 0x1e}, {0x0, 0x0}, {0x0, 0x0})
	/Users/milas/dev/go/pkg/mod/github.com/okta/okta-sdk-golang/[email protected]/okta/client.go:691 +0x18c
github.com/okta/okta-sdk-golang/v5/okta.getAccessTokenForPrivateKey(0x14000142390, {0x103424595, 0x1e}, {0x1400016e2c0, 0x2b4}, {0x140000c0580, 0x32}, {0x1400009ec80, 0x1, 0x1}, ...)
	/Users/milas/dev/go/pkg/mod/github.com/okta/okta-sdk-golang/[email protected]/okta/client.go:731 +0x930
github.com/okta/okta-sdk-golang/v5/okta.(*JWKAuth).Authorize(0x140000e4180, {0x103415198, 0x3}, {0x140000c05c0, 0x2a})
	/Users/milas/dev/go/pkg/mod/github.com/okta/okta-sdk-golang/[email protected]/okta/client.go:582 +0x538
github.com/okta/okta-sdk-golang/v5/okta.(*APIClient).prepareRequest(0x1400011c688, {0x10370f270, 0x103a92800}, {0x140000d0b10, 0x26}, {0x103415198, 0x3}, {0x0?, 0x0?}, 0x14000039c18, ...)
	/Users/milas/dev/go/pkg/mod/github.com/okta/okta-sdk-golang/[email protected]/okta/client.go:1256 +0x14d0

Fixes N/A

Type of PR

  • Bug Fix (non-breaking fixes to existing functionality)
  • New Feature (non-breaking changes that add new functionality)
  • Documentation update
  • Test Updates
  • Other (Please describe the type)

Test Information

  • My PR required test updates

Go Version: 1.25.0
Os Version: n/a
OpenAPI Spec Version: n/a

Signoff

  • I have submitted a CLA for this PR
  • Each commit message explains what the commit does
  • I have updated documentation to explain what my PR does
  • My code is covered by tests if required
  • I ran make fmt on my code
    • I did this but it changed a TON of unrelated stuff; my commit is properly formatted though
  • I did not edit any automatically generated files

@milas
Copy link
Author

milas commented Aug 20, 2025

FYI I believe the JWTAuth might be broken as well, but I am not using that so was not confident in making a fix there.

@github-actions
Copy link

github-actions bot commented Sep 18, 2025

This PR has been marked stale because there has been no activity within the last 28 days. To keep this PR active, remove the stale label.

@github-actions github-actions bot added the stale label Sep 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

stale

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@milas