This repository was archived by the owner on Feb 14, 2018. It is now read-only.
Cannot decode base64url payloads #71
Open
Description
When the payload (or any other part I guess) encoded string contains the character - (or / according to the spec) an error is produced, listed below, that triggers a 401 response even if the token is valid:
[lua] nginx-jwt.lua:49: auth(): Invalid token: invalid jwt string
Here's a token with such character (HS256, secret is secret):
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhYXo-IiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.uOUJ2GqqczYSZIYYLEtyMLzfz8AuOCatlAyPY9fc1P0
I fixed this issue by applying the following patch to release 1.0.1:
diff --git a/resty/jwt.lua b/resty/jwt.lua
index cf26bae..b047cdf 100644
--- a/resty/jwt.lua
+++ b/resty/jwt.lua
@@ -55,6 +55,9 @@ end
function _M.jwt_decode(self, b64_str, json_decode)
+ -- convert from base64url to base64
+ b64_str = b64_str:gsub("[-_]", {["-"]="+",["_"]="/"})
+
local reminder = #b64_str % 4
if reminder > 0 then
b64_str = b64_str .. string.rep("=", 4 - reminder)
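Review bot: The gsub on the added line translates only - and _ and leaves + and / untouched, so jwt_decode now accepts a segment written in either alphabet, or a mix of both, and two different strings decode to the same bytes. If strict base64url is intended, reject input that contains +, / or = before translating. In the padding context that follows, a remainder of 1 gets three = appended, which is never a valid base64 length; returning an error for that case would be clearer than relying on the underlying decoder to fail. Since gsub returns the string and a match count, a short comment that only the first value is kept would also help the next reader.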
Is this approach correct?
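A strict base64url segment decoder in plain Lua, run on the payload segment of the token quoted above. This is an added example, not part of the issue or of lua-resty-jwt; the name b64url_decode is hypothetical, and unlike the patch it rejects the standard-alphabet characters instead of translating between alphabets.

```lua
-- Added example, not lua-resty-jwt code. b64url_decode is a hypothetical name.
local ALPHABET =
  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"

-- Map every base64url character to its 6-bit value.
local VALUE = {}
for i = 1, #ALPHABET do
  VALUE[ALPHABET:sub(i, i)] = i - 1
end

-- Returns the decoded bytes, or nil plus an error message.
-- Strict: "+", "/" and "=" are rejected instead of being translated.
local function b64url_decode(segment)
  if #segment % 4 == 1 then
    return nil, "impossible length for unpadded base64url"
  end
  local out, acc, bits = {}, 0, 0
  for i = 1, #segment do
    local v = VALUE[segment:sub(i, i)]
    if not v then
      return nil, "character outside base64url alphabet at position " .. i
    end
    acc = acc * 64 + v
    bits = bits + 6
    if bits >= 8 then
      bits = bits - 8
      local byte = math.floor(acc / 2 ^ bits)
      out[#out + 1] = string.char(byte)
      acc = acc - byte * 2 ^ bits -- keep only the bits not yet emitted
    end
  end
  if acc ~= 0 then
    return nil, "non-zero trailing bits (non-canonical encoding)"
  end
  return table.concat(out)
end

-- Payload segment of the token quoted in the issue (contains "-").
local payload = "eyJzdWIiOiJhYXo-IiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9"
print(b64url_decode(payload))

-- Constructed negative cases: standard-alphabet "+", and a bad length.
print(b64url_decode((payload:gsub("%-", "+"))))
print(b64url_decode("eyJzd"))
```

The code avoids bitwise operators and integer division so it runs unchanged on Lua 5.1 and LuaJIT as well as newer interpreters.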