![]() ![]() This is because a JWT token is made up of parts:īase64URLEncode() + "." + Signature for example. Įxample: public static void decodeTokenParts(String token)īyte bytes = Base64.getUrlDecoder().decode(part) But you have to decode PARTS of the token which is separated by a DOT "." character (0x2e in hex, 46 in dec, . in html - ASCII/UTF8). The reason it doesn't parse is because you are trying to Base64URLDecode the ENTIRE token. ![]() So, now I have a better understanding of how to parse this token, and I will remember this lesson for a long time. So, when I went to unit test it, of course it completely broke. Return (new JSONObject(new String(Base64.getDecoder().decode(token)))).getString(propertyName) Īnd there was no unit testing at all. the code I inherited from a "proof of concept" project was: public static String getTokenProperty(String token, String propertyName) I am only getting back the header data, and what I really need is the payload.įor the record. ("getTokenProperty: jsonObject = " + jsonObject.toString()) So, when I do: JSONObject jsonObject = new JSONObject(decodedString) Gives me back a string of the header, payload, and signature data. String decodedString = new String(bytes, StandardCharsets.UTF_8) I switched from java,util.Base64 to .binary.Base64Īnd this seems to work somewhat, I don't get an error now. The token is as follows: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1qSTRRVFEwT1VRNU9VSXlSVEV6TlRBd05UVXpSVVExTlVOR05FVkVORGRDTlRnM016VXdRZyJ9.eyJodHRwczovL2JpdG9vbXRyYWRlci5uZXQvYXV0aG9yaXphdGlvbiI6eyJncm91cHMiOlsiQ29uc3VtZXJzIl0sInJvbGVzIjpbIlVzZXIiXX0sImlzcyI6Imh0dHBzOi8vYml0em9vbS5hdXRoMC5jb20vIiwic3ViIjoiYXV0aDB8NWNhNTE5NzZjYzMzZjUxMTBhYWNkYmM0IiwiYXVkIjpbImh0dHBzOi8vYml0em9vbS5hdXRoMC5jb20vYXBp元YyLyIsImh0dHBzOi8vYml0em9vbS5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNTU5MzIzNDI1LCJleHAiOjE1NTk0MDk4MjUsImF6cCI6IlliRGFSelRVQkFtZEFrSExqdjZ0bEI3U05xSTF1RlNtIiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCBhZGRyZXNzIHBob25lIHJlYWQ6Y3VycmVudF91c2VyIHVwZGF0ZTpjdXJyZW50X3VzZXJfbWV0YWRhdGEgZGVsZXRlOmN1cnJlbnRfdXNlcl9tZXRhZGF0YSBjcmVhdGU6Y3VycmVudF91c2VyX21ldGFkYXRhIGNyZWF0ZTpjdXJyZW50X3VzZXJfZGV2aWNlX2NyZWRlbnRpYWxzIGRlbGV0ZTpjdXJyZW50X3VzZXJfZGV2aWNlX2NyZWRlbnRpYWxzIHVwZGF0ZTpjdXJyZW50X3VzZXJfaWRlbnRpdGllcyIsImd0eSI6InBhc3N3b3JkIn0.St7097L1ZAlBWcAPrie-8CGV2F3Fr8uNYpSDVKSPVPF4zBZrmm62_UAj7Ssux8AjUy0LhjiF3kLpNph2L7yrpUREw6TyGJwQasfdVtM5VzRYUcy-fOGyRSqPQorbzxJQZzs2pyDJm-2hMQ0McJ37ubKIWrHFD5McMedN6THK7g5TExX47XCRPcOuCEWm3bf3zdWF2LEGhCw_c-lcZDwlb4ePkO721XjSWtrXEBvxc8scFNaHDt7VOnrSze4XK_LO8eE8bHRq6qUrWf1csYucK-aHazBsvfdl-6QDRk-tOBM-LdXJMT7H8Ih6trxVmZofQjr2dQ4j_3DTVoU3eLdog I would like to use the Java 8 Base64 which is standard, but I am thinking that I may need to use an external third-party Base64 decoder. With ALL these tokens from these different servers, I get the same error. all return with JWT Base64 encoded tokens. I tried this with a token from my Oauth2 Service, I got a token from Syncope, and I got a token from Auth0. The error occurs on the decoder line as follows: : Illegal base64 character 2e Return (new JSONObject(decodedString)).getString(propertyName) I am using Java 8 Base64 tools, and the code looks as follows: public String getTokenProperty(String token, String propertyName)īyte bytes = Base64.getUrlDecoder().decode(token) I know this is Base64 encoded, and I can drop the token into jwt.io and and both of these sites parse the token correctly. The problem is that I am logging into one of our Oauth2 services which is working well. So, I have done some research on this on the Net and here on StackOverflow, and I have tried many, multiple suggestions that I have found.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |