Failing to decode JWT and get payload

Questions / Help
, ,
1

Hi all,
I have some troubles to decode JWT encode with alg “RS256”.
I need only payload, I really don’t care if its valid or not.
Tried using erlang-jose but nothing worked.
I used JOSE.JWS.expand(my_token) and tried with JOSE.JWS.peek_payload(my_token) also tried with other alg, but nothing worked always getting error:
** (ArgumentError) argument error: [with_my_token]
I tried to do the same with python using pyJWT and it worked… Some one have any idea how to get payload from JWT in elixir/erlang. Thank you :smiley:

2

Hello, do You have some sample data to test? It would be easier…

3

I wish I could, but this token I don’t sign or create. It just passed to me, and I can’t share the one I’m working with :frowning: . So until now I tried decode JWT my self as it just json encoded in base64. But using Base.decode64 i got just :error :smile:[ h | _] = String.split(token, ".") that should get header with it did, but decoding not working Base. tried doing it online and its worked…
h="eyJraWQiOiJVbXFLSm16V0JjT1BueUZ4SlNkRDFkZ3hyUmx6Y21ocmlxbW53enZ5NDJNPSIsImFsZyI6IlJTMjU2In0" strange right.

4

Did You try guardian? RS256 is in the list of allowed algorithms.

https://hexdocs.pm/guardian/Guardian.Token.Jwt.html#content

5

Guardian use same library erlang-jose, also I read to code to see how they get payload and done the same. Same error :man_shrugging:

6

Yes, it uses JOSE under the hood…

7

Would be nice just to be able to decode base64, but it also not working :sleepy::weary:

8

Sorry, I cannot help You on this one… But I am sure someone will give You better advice :slight_smile:

9

Don’t worry :smiley: thank you for trying

10

So reading code of :base64 erlang library and doing some tests with binary, I figured out that my base64 json is badly encoded even if it work in online decode :man_shrugging: … by comparing strings I find out that last part of string always without = at the end, witch represent In0= == "}. So I just ad simple function to check and add last part, and then convert with :base64.decode and decode with Jason. It more a hack then solution, but it working… If some one get with better idea message me please.

11

No need to, Base.decode64/2 knows a :padding option, that will work without the padding in the string:

Accepts padding: false option which will ignore padding from the input string.

5 Likes
12

Oh didn’t saw that, perfect! Thank you that solved issue.