ananda
Reputation: 189
Base64 encoded JWT token validation using KONG
I have a java code which generates a JWT token using Jwts.builder(). However, the generated token is then again encoded using a Base64 encoder, e.g.
Base64.getEncoder().encodeToString(token.getBytes())
I have been able to setup kong to validate the generated JWT token but I can not find a way to validate the Base64 encoded version of the token.
Can you please suggest if there is a way to handle such a scenario.
Kind Regards,
Upvotes: 2
Views: 744
Answers (1)
Philipp
Reputation: 510
I am not aware of a ready-to-use solution, however you can:
- either clone the original jwt plugin and adapt the code so you can handle the base64 encoded string
- or write your own plugin
base64 decoderto decode it properly and then use the original jwt-plugin. You can control the order of execution so your custom plugin runs before the jwt plugin and replaces the original double-encoded token with the single-coded (normal) jwt token
To stay close to the original plugin and avoid code duplication, I would recommend the second way.
Upvotes: 1
Related Questions
- Valid JWT token with wrong Base64 encoding?
- Kong JWT invalid signature
- Mashape Kong + JWT invalid token
- verify signature of JWT Token c#
- How to setting JWT Authentication in KONGA
- Kong and JWT - how the APIs should extract the info from the token
- APIs authentication and JWT token validation with KONG
- JWT authentication using cookies with KONG API Gateway
- JWT Token verification with Java
- fail to verify jwt signature in Java