search

Thalhammer / jwt-cpp

A header only library for creating and validating json web tokens in c++
https://thalhammer.github.io/jwt-cpp/
MIT License
828 stars 229 forks source link

Invalid input: not within alphabet #341

Closed TheCardinalSystem closed 3 months ago

TheCardinalSystem commented 3 months ago

I am trying to decode a JWT so I can verify it, but I keep getting a verification exception with the message "Invalid input: not within alphabet". Here is how to reproduce:

std::string token = "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjYXV0aDAiLCJleHAiOjE3MTMzODgxNjgsInN1YiI6InRlc3RfdXNlciJ9.dlAk0mSWk1Clzfi1PMq7Omxun3EyEqh-AAu-fTkpabA67ZKenawAQhZO8glY93flukpJCqHLVtukaes6ZSOjGw";
jwt::decoded_jwt<jwt::traits::nlohmann_json> decoded(token);

I verified the token's integrity here.

prince-chrismc commented 3 months ago

I was not able to reproduce the problem with the code example you provided. You'll need to provide more information 🤔 you might want to double check how you are receiving and extract the token

https://github.com/prince-chrismc/jwt-cpp/actions/runs/8731222077/job/23956285054?pr=40#step:9:135

Thalhammer commented 3 months ago

Invalid input: not within alphabet

This is a error thrown by the base64 decoding. Make sure you are passing a valid token.

TheCardinalSystem commented 3 months ago

I was not able to reproduce the problem with the code example you provided. You'll need to provide more information 🤔 you might want to double check how you are receiving and extract the token

https://github.com/prince-chrismc/jwt-cpp/actions/runs/8731222077/job/23956285054?pr=40#step:9:135

Interesting. It works with a string literal, but the same token fails when it's provided via IP packet. It looks like there's nothing wrong with your code, so I will investigate my own code further. Sorry for the pointless issue 😛

Thalhammer commented 3 months ago

but the same token fails when it's provided via IP packet.

Make sure you don't have extra bytes at the front or back of the string. The base64 decoding doesn't run strlen, it relies on the string you give it. If you have a nullbyte at the end it will give that error but the byte won't show in e.g. a terminal.

TheCardinalSystem commented 3 months ago

but the same token fails when it's provided via IP packet.

Make sure you don't have extra bytes at the front or back of the string. The base64 decoding doesn't run strlen, it relies on the string you give it. If you have a nullbyte at the end it will give that error but the byte won't show in e.g. a terminal.

It was an issue converting from a C string to an std::string. Thanks for the tip!

prince-chrismc commented 3 months ago

Glad we could help!