DevToys-app / DevToys

A Swiss Army knife for developers.
https://devtoys.app/
MIT License
26.67k stars 1.42k forks

Handle Partial JWT Tokens #1032

Open x2764tech opened 7 months ago

x2764tech commented 7 months ago

What improvement do you think would an existing feature or tool in DevToys?

In some cases, my tooling records JWT tokens without the signature part.

Some other tools (1, 2) handle this with a warning, and it would be nice if DevToys could do the same.

Solution/Idea

The current implementation uses JwtSecurityTokenHandler, which requires the token have 2 or 3 dots.

It would require writing a parser to handle partial tokens.
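A tolerant decoder of the kind this request describes, as an added example that is not part of the original issue and is not DevToys code. The names `PartialJwtDecoder`, `DecodedJwt` and `SignatureState` are hypothetical and the sample token is constructed. It separates a stripped signature (`header.payload`) from an empty signature segment (`header.payload.`) and attaches a warning in both cases, because claims decoded this way are unverified.

```csharp
using System;
using System.Text;
using System.Text.Json;

// Constructed sample: header {"alg":"RS256","typ":"JWT"}, payload {"sub":"1234567890"}, signature stripped.
const string sample = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0";
DecodedJwt jwt = PartialJwtDecoder.Decode(sample);
Console.WriteLine($"{jwt.Header}\n{jwt.Payload}\n{jwt.Signature}: {jwt.Warning}");

public enum SignatureState { Present, Empty, Missing }
public sealed record DecodedJwt(JsonElement Header, JsonElement Payload, SignatureState Signature, string? Warning);

public static class PartialJwtDecoder
{
    // Display-only decode. No signature is verified here, so the claims must
    // never feed an authentication or authorization decision.
    public static DecodedJwt Decode(string token)
    {
        string[] parts = token.Trim().Split('.');
        if (parts.Length is < 2 or > 3)
            throw new FormatException($"Expected 2 or 3 segments, got {parts.Length}.");

        // "h.p" means the signature was stripped; "h.p." means an empty signature segment.
        SignatureState state = parts.Length == 2 ? SignatureState.Missing
            : parts[2].Length == 0 ? SignatureState.Empty : SignatureState.Present;
        string? warning = state == SignatureState.Present
            ? null
            : $"Signature segment is {state}; claims cannot be verified.";
        return new DecodedJwt(ParseSegment(parts[0], "header"), ParseSegment(parts[1], "payload"), state, warning);
    }

    private static JsonElement ParseSegment(string segment, string name)
    {
        if (segment.Length == 0)
            throw new FormatException($"The {name} segment is empty.");
        // base64url -> base64: restore the standard alphabet and the stripped padding.
        string b64 = segment.Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        byte[] raw = Convert.FromBase64String(b64); // throws FormatException on malformed input
        using JsonDocument doc = JsonDocument.Parse(Encoding.UTF8.GetString(raw));
        if (doc.RootElement.ValueKind != JsonValueKind.Object)
            throw new FormatException($"The {name} segment is not a JSON object.");
        return doc.RootElement.Clone(); // Clone so the element outlives the disposed document
    }
}
```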

Comments

You can easily recreate this by stripping the last part of the token (from the last period onward).

Here's one from our dev environment that I've been struggling with:

eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJBblBQLWQta2MzTS1RMno3T2FjbUNIaHBnYUVmWW1SbnRtTFkxVmF0QUlFIn0.

veler commented 5 months ago

Hi, thanks for sharing this feedback. @btiteux, do you think this is something that is common enough that we would want to support in DevToys? Probably not in the initial 2.0 release but later.

veler commented 5 months ago

Sounds tricky to implement. Let's wait to see if people upvote this issue.