fix jwt decoding, fixes #299

dyc3 · Aug 10, 2023 · 1e622ff · 1e622ff
1 parent 94a7ca8
commit 1e622ff
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 3 deletions.
diff --git a/steamguard/src/accountlinker.rs b/steamguard/src/accountlinker.rs
@@ -5,6 +5,7 @@ use crate::steamapi::twofactor::TwoFactorClient;
 use crate::token::TwoFactorSecret;
 use crate::transport::Transport;
 use crate::{steamapi::EResult, token::Tokens, SteamGuardAccount};
+use anyhow::Context;
 use base64::Engine;
 use log::*;
 use thiserror::Error;
@@ -41,15 +42,21 @@ where
 
 	pub fn link(&mut self) -> anyhow::Result<AccountLinkSuccess, AccountLinkError> {
 		let access_token = self.tokens.access_token();
-		let steam_id = access_token.decode()?.steam_id();
+		let steam_id = access_token
+			.decode()
+			.context("decoding access token")?
+			.steam_id();
 
 		let mut req = CTwoFactor_AddAuthenticator_Request::new();
 		req.set_authenticator_type(1);
 		req.set_steamid(steam_id);
 		req.set_sms_phone_id("1".to_owned());
 		req.set_device_identifier(self.device_id.clone());
 
-		let resp = self.client.add_authenticator(req, access_token)?;
+		let resp = self
+			.client
+			.add_authenticator(req, access_token)
+			.context("add authenticator request")?;
 
 		if resp.result != EResult::OK {
 			return Err(resp.result.into());

diff --git a/steamguard/src/token.rs b/steamguard/src/token.rs
@@ -160,7 +160,7 @@ fn decode_jwt(jwt: impl AsRef<str>) -> anyhow::Result<SteamJwtData> {
 	ensure!(parts.len() == 3, "Invalid JWT");
 
 	let data = parts[1];
-	let bytes = base64::engine::general_purpose::URL_SAFE.decode(data)?;
+	let bytes = base64::engine::general_purpose::URL_SAFE_NO_PAD.decode(data)?;
 	let json = String::from_utf8(bytes)?;
 	let jwt_data: SteamJwtData = serde_json::from_str(&json)?;
 	Ok(jwt_data)
@@ -259,4 +259,13 @@ mod tests {
 		assert_eq!(data.sub, "76561199155706892");
 		assert_eq!(data.jti, "18C5_22B3F431_CDF6A");
 	}
+
+	#[test]
+	fn test_decode_jwt_2() {
+		let sample: Jwt = "eyAidHlwIjogIkpXVCIsICJhbGciOiAiRWREU0EiIH0.eyAiaXNzIjogInI6MTRCM18yMkZEQjg0RF9BMjJDRCIsICJzdWIiOiAiNzY1NjExOTk0NDE5OTI5NzAiLCAiYXVkIjogWyAid2ViIiwgIm1vYmlsZSIgXSwgImV4cCI6IDE2OTE3NTc5MzUsICJuYmYiOiAxNjgzMDMxMDUxLCAiaWF0IjogMTY5MTY3MTA1MSwgImp0aSI6ICIxNTI1XzIyRkRCOUJBXzZBRDkwIiwgIm9hdCI6IDE2OTE2NzEwNTEsICJydF9leHAiOiAxNzEwMDExNjg5LCAicGVyIjogMCwgImlwX3N1YmplY3QiOiAiMTA0LjI0Ni4xMjUuMTQxIiwgImlwX2NvbmZpcm1lciI6ICIxMDQuMjQ2LjEyNS4xNDEiIH0.ncqc5TpVlD05lnZvy8c3Bkx70gXDvQQXN0iG5Z4mOLgY_rwasXIJXnR-X4JczT8PmZ2v5cisW5VRHAdfsz_8CA".to_owned().into();
+		let data = sample.decode().expect("Failed to decode JWT");
+
+		assert_eq!(data.aud, vec!["web", "mobile"]);
+		assert_eq!(data.sub, "76561199441992970");
+	}
 }