Closed niwinz closed 8 years ago
Quoting the RFC they describe how to implement this in C# this should be easy to implement in Groovy as well:
static string base64urlencode(byte [] arg)
{
string s = Convert.ToBase64String(arg); // Regular base64 encoder
s = s.Split('=')[0]; // Remove any trailing '='s
s = s.Replace('+', '-'); // 62nd char of encoding
s = s.Replace('/', '_'); // 63rd char of encoding
return s;
}
static byte [] base64urldecode(string arg)
{
string s = arg;
s = s.Replace('-', '+'); // 62nd char of encoding
s = s.Replace('_', '/'); // 63rd char of encoding
switch (s.Length % 4) // Pad with trailing '='s
{
case 0: break; // No pad chars in this case
case 2: s += "=="; break; // Two pad chars
case 3: s += "="; break; // One pad char
default: throw new System.Exception(
"Illegal base64url string!");
}
return Convert.FromBase64String(s); // Standard base64 decoder
}
@mgdelacroix what's is the status of this issue?
I have some concerns about this, because I'm using the plugin and telling my customers that we provider JWT auth for the REST API, but the generated token is not compliant against https://jwt.io/
Thanks!
@ppazos it will be implemented next week
Best!
@mgdelacroix TY!
The base64 encoding used for encode the jws result is not compliant with the standard.
The current implementation uses the standard base64. But jws has specified a concrete base64 variant: urlsafe base64 without padding.
You can see it in the Base64 encoding section: http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-40#page-6 and example implementation of it, using C#: http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-40#page-52