Reputation: 2781
I have a JWT Token which I am trying to convert to JSON - The headers show up fine but not the payload - Any Information will be helpful
My Token
eyJ6aXAiOiJERUYiLCJhbGciOiJFUzI1NiIsImtpZCI6IjNLZmRnLVh3UC03Z1h5eXd0VWZVQUR3QnVtRE9QS01ReC1pRUxMMTFXOXMifQ.3VNNj9owEP0rq9lrSOKwhZJTF3pptapW2m0vFQfjDMSVP5DtBOgq_71jA9tWWrj1Ut8mfvPmvefJC0jvoYY2hK2vi8Jr7kKLXIU2F9w1vsA911uFviBghw4ykDxAzSZsPJlMxiXLyzuWQS-gfoEPwpqAe7r__kq52-3y3Ti3blNUJXtfCIcNmiC58kXPYJlBOGwxdnxDJ9eSrxQuXjE076K222MxisVVnNS6M_InD9Kaq0Bhe9mwWRT1W-ZTt_qBIkR_61Y6UukjTw13eZkz4otf551pFEaMQ287J_A5uYLTxdklCKsUsR2V0AB3IOvE3Cn11SkCnPvrkgDn4g3iR7JD_QQyXOORhGupiA_uDWGcTzM2skcT4_1s21jPc1gOZHCDpqH3rEHzpG8lKYyPPERuNnvHRiUbVSUMQ_amOnZd3ae_I_eBh84n-3GbAsYH67kQ0uDCNolB2EaaTTLiDz6gPu0lvVSrpmmBYtKFl00h-j0RiNQJVTmFYTlksD1FkuSs0aGJ2v5MlEBWiM6lq2j2WeojRZUMl9HW1knajMPTyVtwHWagrDiauUQ-juTKhi-dXqVcH2y4uS3TYRdjrP7LGKvZP4lxejHG8fUYH85Tzz8L3M8XN48td5qLA7EuBzq_AA._juD-OGeaRIRVqIXji_13lHvrpmhw57DpZrZqbNUgjeqjSLwUc8qbzzbai82fGN5KzHgWFKy4v45hzd89GBO7Q
I am using jsonwebtoken library
var jwt = require("jsonwebtoken");
var decoded = jwt.decode(token, {complete: true});
console.log(decoded.header);
console.log(decoded.payload);
Output
{
zip: 'DEF',
alg: 'ES256',
kid: '3Kfdg-XwP-7gXyywtUfUADwBumDOPKMQx-iELL11W9s'
}
�SM��0�+��kHⰅ�Szi��V�m/�
ĕ?���*��c�VZ��R�&~����
a�O36�G��l�X�sXdp�����A�o%)��<Dn6{�F%%�{ٰY�[�S���"D�V:R�#O�\�6�5��=�[�� `�2�<@�&l<�L�%��;�A/�~�š�{���J�����8�nST%{�
C��:v]ݧ�#����'�q������6�A�F�M2�>�>�%�T��i�b҅�M!�=�� U9�a9d�=E��ѡ���L�@V�Υ�h�Y�#E�
����Iڌ���[pf��8��D>��ʆ/�^�\l��-�ac�����?�qz1����S�?
��7�-w���.:�
I did same in Python - which works for me perfectly
//Retrieve the Headers which are needed to retrieve the public key
headers = jose_jws.get_unverified_headers(encoded)
print(headers)
// Now attempt to decode the JWT/JWS. This would be followed by
// validation once the public key had been retrieved
decoded = jose_jws.get_unverified_claims(encoded)
print(decoded)
JAVASCRIPT
Upvotes: 1
Views: 2824
Reputation:
zip: 'DEF'
indicates the payload is deflated. You may try inflating it back.
That being said, "zip" or compression is only defined for JWE (JSON Web Encryption), not JWS (JSON Web Signatures) or JWT. A proper JWT payload MUST always be a top level JSON object and be without compression.
Upvotes: 2