I have a function that takes in a token, decodes it, and uses the payload to perform some logic. I would like to generate tokens with claims I manipulate to test that function.
I generated a keypair from https://mkjwk.org/ and use it in the following way:
from jose import jwt
claims = {"hello": "world"}
key = {
"kty": "RSA",
"d": "RSjC9hfDtq2G3hQJFBI08hu3CJ6hRRlhs-u9nMFhdSpqhWFPK3LuLVSWPxG9lN7NQ963_7AturR9YoEvjXjCMZFEEqewNQNq31v0zgh9k5XFdz1CiVSLdHo7VQjuJB6imLCF266TUFvZwQ4Gs1uq6I6GCVRoenSe9ZsWleYF--E",
"e": "AQAB",
"use": "sig",
"kid": "1234567890",
"alg": "RS256",
"n": "thBvC_I9NciW6XqTxUFMZaVVpvGx6BvLHd3v8Visk_6OoDCVXF_6vNktNi6W7CBkuHBqGyuF0wDFrHcZuZq_kLKI6IRofEzKyUoReOyYRlPt5ar64oDO-4mwH47fb99ILW94_8RpQHy74hCnfv7d888YaCmta9iOBOvggcvxb5s"
}
token = jwt.encode(
{"hello": "world"},
key,
algorithm="RS256",
)
jwt.decode(token, key, algorithms="RS256") == claims
The above is giving me a jose.exceptions.JWTError: Signature verification failed.
error.
Why is this? How can I generate a token I can properly decode with my desired claims?
Figured it out!
Using full public/private key strings:
token = jws.sign({"hello": "world"}, rsa_private_key, algorithm="RS256")
assert jwt.decode(token, rsa_public_key, "RS256") == {"hello": "world"}
Or with JWKs:
private_key = jwk.construct(rsa_private_key, "RS256").to_dict()
public_key = jwk.construct(rsa_public_key, "RS256").to_dict()
token = jws.sign({"hello": "world"}, private_key, algorithm="RS256")
assert jwt.decode(token, public_key, "RS256") == {"hello": "world"}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.