Reputation: 687
Jwt Decode using PyJWT raises Signature verification failed
I'm running into a weird issue with decoding the jwt token in the django views. If I try jwt.decode('encoded_token', 'secret') then I see the "Signature verification failed" message. In order to escape from this issue I've set the verify flag to False:
jwt.decode('eroded_token', 'secret', verify=False)
This gives the decoded payload with no error but I'm trying to figure out how I can verify the token successfully without setting the verify flag to False. Any Ideas?
Thanks
Upvotes: 9
Views: 6707
Answers (1)
Reputation: 785
That is not an actual JWT token you are trying to verify - it should look more like this - three strings concatenated together with periods (and of course be created as an actual JSON Web Token):
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1NTk1ODM2MjAsImV4cCI6MTU1OTU4MzY4MH0.P9bO39jqwB3YHf7XSo16OSLvcNMYbm__hrf70J9VzYw
You can create a web token via:
import jwt
encoded = jwt.encode({'some': 'payload'}, 'secret', algorithm='HS256')
print(encoded)
O/P:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb21lIjoicGF5bG9hZCJ9.4twFt5NiznN84AWoo1d7KO1T_yoc0Z6XOpOVswacPZg
`
taken from https://github.com/jpadilla/pyjwt
Upvotes: 1
Related Questions
- ValueError: Could not deserialize key data during jwt encoding
- Decoding jwt token with PyJWT in python giving error Algorithm not supported
- jwt.decode() got an unexpected keyword argument 'verify'
- PyJWT returning invalid token signatures
- jwt.exceptions.DecodeError: Invalid crypto padding
- Fix: InvalidAlgorithmError: The specified alg value is not allowed while trying to decode encoded jwt token in Python
- Verify the JWT token signature without decoding it in the PyJWT library
- How to use pyJWT to verify signature on this JWT?
- JWT Authentication Error "Invalid Signature" in Django Rest Framework
- Django + Auth0 JWT authentication refusing to decode