Does not work with JWT encoded with other tools because of escaping slashes

[Schnueggel]

PHP json_encode by default escapes slashes, which will break the verify when the token was generated with a other tool than psecio/jwt.

Perhaps ist would be good to at least make it possible to set the encoding and decoding options.

[enygma]

Can you give me an example of another tool to try with so I can verify it cooperates?

[Schnueggel]

For example this: http://federation-lab.uninett.no/jwt

[enygma]

Interesting...I wonder what the difference is between that and these others (works on them):

• https://developers.google.com/wallet/digital/docs/jwtdecoder
• http://jwt.calebb.net
• http://jwt.io

[Schnueggel]

Thats what I did and tested: I encode the following json with http://federation-lab.uninett.no/jwt

{
    "iss": "https://issuer.example.org",
    "exp": 1416057272,
    "http://example.com/is_root": true,
    "aud": "https://example.org"
}

The Result is this Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLm9yZyIsImV4cCI6MTQxNjA1NzI3MiwiaHR0cDovL2V4YW1wbGUuY29tL2lzX3Jvb3QiOnRydWUsImF1ZCI6Imh0dHBzOi8vZXhhbXBsZS5vcmciLCJ0eXAiOiJKV1QifQ.gNNDnZcAS9AAZ-l2Dbz7gKcxyGhILdNbwcSQsagF6BM

Then in Jwt.php on line 144 the claims get correctly decoded:

$this->base64Decode($claims)

Resulting in the same json as above.

Then in the verify method on line 247:

$this->base64Encode(json_encode($claims))

json_encode($claims) results in:

{"iss":"https:\/\/issuer.example.org","exp":1416057272,"http:\/\/example.com\/is_root":true,"aud":"https:\/\/example.org","typ":"JWT"}

Which will base64 encoded result in a different token and does not verify of course.

[enygma]

Okay, I just released 1.4 - give that a shot. Looks like it works here but I wanted to be sure.

[Schnueggel]

Yes works for me now. Thanks.

[enygma]

Excellent - thanks!