Reputation: 3846
JWT decoded on jwt.io, but not in application
I am trying to decode a JWT I get from Auth0. When I go to jwt.io, they have a decoder that you can put a JWT in, and it will tell you all the information about each section of the JWT. I can see that all the information is correct. When I try to decode it myself though, I get this error. I'm getting the secret key from my Auth0 registered client information, and there is a note that says: The Client Secret is not base64 encoded. Do I need to base64 encode this secret before using it ?
ValueError: Could not unserialize key data.
Terminal
>>> import jwt
>>> secret = secret
>>> encoded_jwt = encoded_jwt
>>> decoded_jwt = jwt.decode(encoded_jwt, secret, algorithm="RS256")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python3.6/site-packages/jwt/api_jwt.py", line 78, in decode
jwt, key=key, algorithms=algorithms, options=options, **kwargs
File "/usr/local/lib/python3.6/site-packages/jwt/api_jws.py", line 140, in decode
key, algorithms)
File "/usr/local/lib/python3.6/site-packages/jwt/api_jws.py", line 204, in _verify_signature
key = alg_obj.prepare_key(key)
File "/usr/local/lib/python3.6/site-packages/jwt/algorithms.py", line 207, in prepare_key
key = load_pem_public_key(key, backend=default_backend())
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization.py", line 24, in load_pem_public_key
return backend.load_pem_public_key(data)
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/backends/multibackend.py", line 314, in load_pem_public_key
return b.load_pem_public_key(data)
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1110, in load_pem_public_key
self._handle_key_loading_error()
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1325, in _handle_key_loading_error
raise ValueError("Could not unserialize key data.")
ValueError: Could not unserialize key data.
Upvotes: 0
Views: 1204
Answers (1)
Reputation: 26
As you don't mention a PUBLIC KEY nor a PRIVATE KEY, it looks like you are trying to decode using the "RS256" algorithm, but your token uses "HS256".
try:
decoded_jwt = jwt.decode(encoded_jwt, secret, algorithm="HS256")
instead of:
decoded_jwt = jwt.decode(encoded_jwt, secret, algorithm="RS256")
You are free to encode the key using base64 if you like at this address: https://www.base64encode.org/
You can verify the encoded key by checking the "secret base64 encoded" check box at jwt.io, under the VERIFY SIGNATURE section.
Upvotes: 1
Related Questions
- jwt Signature exception while decoding
- Why do I fail to encode back a decoded JWT?
- Auth0 JWT with Java
- JWT can not be decipher from keys
- JWT token appears to be correct but response received is 401
- Encoded JWT using PKCS8 RSA256 algorithm on jwt.io but not in application
- JWT gets decoded easily on its site
- Auth0 java-jwt library fails to verify a valid token
- Why can i easily decode auth0 id_token on jwt.io?
- Auth0 /authorize endpoint not returning a JWT