QJsonWebToken
QJsonWebToken copied to clipboard
Published
20 hours ago •
juangburgos
juangburgos
FIX: Reading Base64 JWT conforming to RFC-4648
Turns out that JWT uses a URL-safe form of base64 that is slightly different (described in RFC-4648). Our application failed to read such a JWT (see below) for this reason. Please compare the following (officially endorsed) implementation of JWT in C: https://github.com/benmcollins/libjwt/blob/master/libjwt/jwt.c#L264
For reference: The token that failed to parse with this library:
eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJjYjk4N2RjNS0yY2UzLTRlMjAtOTRiZS1kZWFjMzMxOWJkOGU
iLCJ1c2VyX2VtYWlsIjoibW9wcy5ncm9zc2VAbmV4ZW5pby5jb20iLCJ1c2VyX3Jvb3R0cmVlbm9kZWl
kIjoiN2ZhZWYzODctNDM1Mi00YjYzLTg2Y2UtODU5NDAyZWE4ZjI3IiwiY29tcGFueV9pZCI6IjkyMDF
mYWVlLTRiOTYtNDZkYi04MWYxLTcxMjExMTBmN2ZiNyIsInVzZXJfbmFtZSI6Ik1vcHMgZGVyIEdyb8O
fZSIsImNvbXBhbnlfYWN0aXZlIjp0cnVlLCJpc3MiOiJDbG91ZFJhaWQgU2VydmVyIiwicmVmcmVzaF9
leHBpcnkiOjE1MTI2MjkyMjMsInVzZXJfcm9sZXMiOlsiVVNFUiJdLCJyZWZyZXNoX3Rva2VuIjoiSWd
TM1FIY3paa3dyQjhZMk8zUG1KQjBPeFNBT2gzb09JYldTLWNzc1hNSSIsInVzZXJfZ2l2ZW5uYW1lIjo
iTW9wcyIsInVzZXJfaWQiOiJjYjk4N2RjNS0yY2UzLTRlMjAtOTRiZS1kZWFjMzMxOWJkOGUiLCJleHA
iOjE1MTI1OTMyMjMsInRva2VuVHlwZSI6IkFVVEhFTlRJQ0FURURfVVNFUl9UT0tFTiIsInVzZXJfZmF
taWx5bmFtZSI6ImRlciBHcm_Dn2UifQ.6INfl7V03Sltz6eweU6NmcOY7Cng_H90sJhUjDv7TnIeyJhb
GciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
