Alotor
commented
9 years ago Quoting the RFC they describe how to implement this in C# this should be easy to implement in Groovy as well:
static string base64urlencode(byte [] arg)
{
string s = Convert.ToBase64String(arg); // Regular base64 encoder
s = s.Split('=')[0]; // Remove any trailing '='s
s = s.Replace('+', '-'); // 62nd char of encoding
s = s.Replace('/', '_'); // 63rd char of encoding
return s;
}
static byte [] base64urldecode(string arg)
{
string s = arg;
s = s.Replace('-', '+'); // 62nd char of encoding
s = s.Replace('_', '/'); // 63rd char of encoding
switch (s.Length % 4) // Pad with trailing '='s
{
case 0: break; // No pad chars in this case
case 2: s += "=="; break; // Two pad chars
case 3: s += "="; break; // One pad char
default: throw new System.Exception(
"Illegal base64url string!");
}
return Convert.FromBase64String(s); // Standard base64 decoder
}
ppazos
mgdelacroix
The base64 encoding used for encode the jws result is not compliant with the standard.
The current implementation uses the standard base64. But jws has specified a concrete base64 variant: urlsafe base64 without padding.
You can see it in the Base64 encoding section: http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-40#page-6 and example implementation of it, using C#: http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-40#page-52