pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity

fix: accept ES256 (ECC P-256) JWT keys alongside RS256 in backend auth

Browse Source 
Supabase JWT key was switched to ECC P-256, but the JWKS verification
only accepted RS256. Add ES256 to the accepted algorithms list.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Julian Tabel
2026-03-22 11:52:42 +01:00
parent 80d5d01993
commit e935bc4d32
3 changed files with 62 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.beans/nuzlocke-tracker-snft--support-es256-ecc-p-256-jwt-keys-in-backend-auth.md Normal file
View File

@@ -0,0 +1,10 @@
---
# nuzlocke-tracker-snft
title: Support ES256 (ECC P-256) JWT keys in backend auth
status: in-progress
type: bug
created_at: 2026-03-22T10:51:30Z
updated_at: 2026-03-22T10:51:30Z
---
Backend JWKS verification only accepts RS256 algorithm, but Supabase JWT key was switched to ECC P-256 (ES256). This causes 401 errors on all authenticated requests. Fix: accept both RS256 and ES256 in the algorithms list, and update tests accordingly.