sjwt | Simple JSON Web Token - Uses HMAC SHA | Authentication library
kandi X-RAY | sjwt Summary
Simple JSON Web Token - Uses HMAC SHA-256.
Top functions reviewed by kandi - BETA
- UUID generates a random UUID string
- Parse parses a token string
- GetNotBeforeAt returns the NotBeforeAt field if present.
- Verify returns true if the token is valid
- ToClaims converts a struct to Claims
- New claims
Community Discussions
Trending Discussions on sjwt
QUESTION
I am creating a JWT Token using a private key in PHP. For this I am using the OpenSSL library. Before anything I will share my code:
PHP
...ANSWER
Answered 2019-Dec-04 at 18:46
The return-value of KJUR.jws.JWS.sign consists of three portions separated by a dot. The first part is the Base64url-encoded JSON-string sHeader, the second part is the Base64url-encoded JSON-string sPayload and the third part is the Base64url-encoded signature. The data to be signed consist of the first two portions including the dot separating the two portions. RS256 means that SHA256 and RSA with RSASSA-PKCS1-v1_5 padding is used for the signature. This can also be easily verified online, e.g. here, whereby SHA256withRSA is to be selected as the algorithm.
openssl_sign also uses RSA with RSASSA-PKCS1-v1_5 padding and therefore creates the same signature with SHA256, assuming the same key and the same data to be signed are applied.
jsrsasign uses Base64 url-encoding (RFC4648, sect. 5), while PHP (or more precisely the base64_encode-method) uses standard Base64-encoding (RFC4648, sect. 4), which most likely is one cause of the issue. This means that the encoding in the current PHP-code must be changed to Base64url, e.g. here.
Of course, the underlying JSON-strings in the PHP-code ($header, $payload and $token) must also be identical to their counterparts in the JavaScript-code, otherwise the signature will differ. Since the PHP-code is incomplete, this cannot be checked and could be another cause of the problem.
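The token layout and encoding mismatch described in this answer, as an added example that is not part of the original answer and uses Node's built-in crypto module rather than jsrsasign or PHP. The function names (signRs256, verifyRs256, b64url, stdB64), the throwaway key pair and the claims are constructed for illustration.

```javascript
const { generateKeyPairSync, sign, verify } = require('node:crypto');

// Base64url (RFC 4648 sect. 5): '+' -> '-', '/' -> '_', '=' padding dropped.
const b64url = (buf) => Buffer.from(buf).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const b64urlDecode = (s) => Buffer.from(s.replace(/-/g, '+').replace(/_/g, '/'), 'base64');

function signRs256(header, payload, privateKey, encode = b64url) {
  // Data to be signed: encoded header, a dot, encoded payload.
  const signingInput = encode(JSON.stringify(header)) + '.' + encode(JSON.stringify(payload));
  // For an RSA key, sign('sha256', ...) uses RSASSA-PKCS1-v1_5 padding by default.
  const signature = sign('sha256', Buffer.from(signingInput), privateKey);
  return signingInput + '.' + encode(signature);
}

function verifyRs256(token, publicKey) {
  const parts = token.split('.');
  // Reject anything outside the Base64url alphabet, e.g. '+', '/' or '=' from standard Base64.
  if (parts.length !== 3 || !parts.every((p) => /^[A-Za-z0-9_-]+$/.test(p))) return false;
  let header;
  try { header = JSON.parse(b64urlDecode(parts[0]).toString('utf8')); } catch (e) { return false; }
  if (!header || header.alg !== 'RS256') return false; // pin the expected algorithm
  return verify('sha256', Buffer.from(parts[0] + '.' + parts[1]), publicKey, b64urlDecode(parts[2]));
}

// Constructed sample data: throwaway key pair and claims, generated for this demo only.
const { privateKey, publicKey } = generateKeyPairSync('rsa', { modulusLength: 2048 });
const header = { alg: 'RS256', typ: 'JWT' };
const payload = { sub: 'demo-user', iat: 1575484800 };

// Standard Base64 (RFC 4648 sect. 4), the alphabet PHP's base64_encode emits.
const stdB64 = (buf) => Buffer.from(buf).toString('base64');
const goodToken = signRs256(header, payload, privateKey);
const stdToken = signRs256(header, payload, privateKey, stdB64);

console.log('base64url token verifies:', verifyRs256(goodToken, publicKey));
console.log('standard Base64 token verifies:', verifyRs256(stdToken, publicKey));
```

Because RSASSA-PKCS1-v1_5 is deterministic, signing the same input with the same key twice yields the same token, which is why two libraries can be compared byte for byte once the encoding matches.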
QUESTION
I'm using actionable messages (with Outlook web app) to call a Logic App. Therefore I am getting a Bearer token in the request:
"Action-Authorization": "Bearer eyJ0eXAi..."
Callstack:
Outlook web app -> Logic App -> my endpoint hosted in azure
Now I tried to validate the token with jwt.io but am getting an issue that the signature is invalid.
So I tried to validate it in C# with the JwtSecurityTokenHandler.
I tried to add https://substrate.office.com/sts/ to the issuer list, but it seems like the validation doesn't even get there.
I'm using the following code to validate the jwt token issued by office.com:
...ANSWER
Answered 2019-May-07 at 12:07
The exception says that the "Signature validation failed".
To resolve this problem we can't just add the wanted valid issuer to ValidIssuers, we need to verify that the token is issued from the issuer itself.
Especially for this case with office.com being the issuer I found the expected key (JWK - JSON Web Key) here: https://substrate.office.com/sts/common/discovery/keys (also https://substrate.office.com/sts/common/.well-known/openid-configuration)
Here is the working code:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported