JWT key verification broken (Edge Runtime 1.7.0+) for self-hosted deploymentsย #654
Description
Bug report
- I confirm this is a bug with Supabase, not with my own application.
- I confirm I have searched the Docs, GitHub Discussions, and Discord.
Describe the bug
The edge runtime 1.7.0 throws the following error when an edge function is called in an application that is using anon/service role keys:
TypeError: Key for the ES256 algorithm must be of type CryptoKey. Received an instance of Uint8Array
at asymmetricTypeCheck (https://deno.land/x/[email protected]/lib/check_key_type.ts:14:11)
at checkKeyType (https://deno.land/x/[email protected]/lib/check_key_type.ts:39:5)
at flattenedVerify (https://deno.land/x/[email protected]/jws/flattened/verify.ts:78:3)
at compactVerify (https://deno.land/x/[email protected]/jws/compact/verify.ts:15:26)
at Module.jwtVerify (https://deno.land/x/[email protected]/jwt/verify.ts:5:26)
at verifyJWT (file:///var/tmp/sb-compile-edge-runtime/root/index.ts:95:16)
at Object.handler (file:///var/tmp/sb-compile-edge-runtime/root/index.ts:140:34)
at mapped (ext:runtime/http.js:231:42)
at respond (ext:runtime/http.js:339:14)
at handleHttp (ext:runtime/http.js:160:9)
To Reproduce
Steps to reproduce the behavior, please provide code snippets or a repository:
On your local machine:
- Run a fresh
supabase init - Create a test edge hello world function
supabase start- Create a user (then a ES256 JWT is issued)
- Call edge function with the JWT
- Crash, check edge function logs
Expected behavior
Verification to work and no crash
System information
- OS: macOS, linux
- Version of supabase CLI: 2.72.6,
- Version of edge runtime: 1.7.0