def get_magic(jwt):
    """Return ``sig ** e - EM`` for an RSA-signed compact JWT as a ``gmpy2.mpz``.

    ``sig`` is the token's signature segment read as a big-endian integer and
    ``EM`` is the result of ``pkcs1_v1_5_encode`` over ``header.payload``,
    sized to the decoded signature's byte length.  The public exponent is
    fixed at 65537.  For a genuine PKCS#1 v1.5 signature made under that
    exponent, ``sig ** e`` is congruent to ``EM`` modulo the signer's modulus,
    so the returned difference is a multiple of that modulus.

    Only the token itself is read; no key material is used.

    :param jwt: compact JWT string with exactly three dot-separated segments
    :raises ValueError: if the token does not split into three segments
    """
    head_b64, body_b64, sig_b64 = jwt.split(".")

    # The signature segment is unpadded base64url; "==" is appended so it decodes.
    sig_bytes = urlsafe_b64decode(f"{sig_b64}==")
    sig_int = gmpy2.mpz(bytes_to_long(sig_bytes))

    # NOTE(review): pkcs1_v1_5_encode is defined elsewhere; presumably it hashes
    # the signing input and applies EMSA-PKCS1-v1_5 padding - confirm the digest.
    signing_input = f"{head_b64}.{body_b64}".encode()
    encoded_msg = pkcs1_v1_5_encode(signing_input, len(sig_bytes))
    encoded_int = gmpy2.mpz(bytes_to_long(encoded_msg))

    public_exponent = gmpy2.mpz(65537)
    # Plain integer power with no modulus: the intermediate value is very large.
    return gmpy2.mpz(sig_int ** public_exponent - encoded_int)
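def decrypt(self, input):
    """Decrypt an AES-CBC-wrapped JWT and store its decoded header and content.

    The URL-unquoted token is read as 24 base64 characters of IV, one
    separator character (skipped without being checked), and the base64
    ciphertext.  The plaintext is split into three dot-separated JWT segments;
    ``self.header`` and ``self.content`` receive the decoded first two.

    Nothing here authenticates the ciphertext or verifies the JWT signature,
    so the stored header and content must be treated as untrusted until the
    caller has verified the signature separately.

    :param input: URL-quoted token string
    :raises ValueError: if the plaintext does not contain exactly three segments
    """
    raw_token = urllib.unquote(input).decode('utf8')

    # 24 base64 characters carry the 16-byte IV.
    IV = base64.b64decode(raw_token[:24])
    # Index 24 is the separator; the ciphertext starts at index 25.
    token = base64.b64decode(raw_token[25:])

    # Decryption. `key` is a module-level name defined outside this method.
    decryption_suite = AES.new(key, AES.MODE_CBC, IV)
    jwt = decryption_suite.decrypt(token)

    # No block padding is stripped, so any padding bytes stay on the end of
    # the (unused) signature segment.
    header, content, signature = jwt.split(".")

    # JWT segments are unpadded base64url.  The original computed padding for
    # the content but then decoded the unpadded string, and never padded the
    # header at all; both segments are now padded to a multiple of four and
    # decoded with the URL-safe alphabet (which also accepts "+" and "/").
    self.header = base64.urlsafe_b64decode(header + "=" * (-len(header) % 4))
    self.content = base64.urlsafe_b64decode(content + "=" * (-len(content) % 4))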
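def _POST_parameter_jwt_required(jwt):
    """Explicitly calls jwt authentication on parameter supplied by HTTP POST request

    The value must have the form ``<prefix> <token>``, where the prefix is the
    configured ``JWT_AUTH_HEADER_PREFIX`` (compared case-insensitively).  On
    success the identity returned by the identity callback is stored on the
    request context as ``current_identity`` and the function returns ``None``.

    Every failure raises ``JWTError``.  The original *returned* the error
    object for an invalid token or an unknown user, so a caller that ignored
    the return value carried on as if authentication had succeeded.

    :param jwt: the user's jwt token
    :raises JWTError: if the value is empty or malformed, the token fails to
        decode, or no identity is found for the payload
    """
    # The parameter shadows the PyJWT module name inside this function, so
    # `jwt.InvalidTokenError` would be an attribute lookup on the token string.
    # Import the exception class directly instead.
    from jwt import InvalidTokenError

    auth_header_prefix = current_app.config['JWT_AUTH_HEADER_PREFIX']

    # A missing or empty parameter is rejected as an authentication failure
    # rather than surfacing as AttributeError/IndexError.
    parts = jwt.split() if jwt else []
    if not parts:
        raise JWTError('Invalid JWT header', 'Token missing')

    if parts[0].lower() != auth_header_prefix.lower():
        raise JWTError('Invalid JWT header', 'Unsupported authorization type')
    elif len(parts) == 1:
        raise JWTError('Invalid JWT header', 'Token missing')
    elif len(parts) > 2:
        raise JWTError('Invalid JWT header', 'Token contains spaces')

    token = parts[1]

    try:
        payload = _jwt.jwt_decode_callback(token)
    except InvalidTokenError as e:
        raise JWTError('Invalid token', str(e))

    _request_ctx_stack.top.current_identity = identity = _jwt.identity_callback(payload)

    if identity is None:
        raise JWTError('Invalid JWT', 'User does not exist')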
def header(jwt):
    """Decode the first segment of a compact JWT and return it parsed as JSON.

    No signature check happens here: the returned fields (for example the
    declared algorithm) are unauthenticated input and should not on their own
    decide how the token is verified.

    :param jwt: compact JWT string
    :raises DecodeError: if decoding or JSON parsing raises ``ValueError`` or
        ``TypeError``
    """
    # Everything before the first "." is the encoded header.
    encoded_header, _, _ = jwt.partition(".")
    try:
        decoded = base64url_decode(encoded_header)
        return json.loads(decoded)
    except (ValueError, TypeError):
        raise DecodeError("Invalid header encoding")
def parse_jwt(jwt):
    """Split a compact JWT and publish its parts as module-level globals.

    After the call, the globals ``header`` and ``body`` hold the decoded bytes
    of the first two segments and ``signature`` holds the third segment still
    encoded.  The signature is not verified, so the decoded values are
    untrusted input.

    :param jwt: compact JWT string with exactly three dot-separated segments
    :raises ValueError: if the token does not split into three segments
    """
    global header, body, signature

    segments = jwt.split('.')
    header, body, signature = segments

    # NOTE(review): JWT segments are unpadded base64url, while b64decode uses
    # the standard alphabet; this relies on fix_b64 (defined elsewhere) to make
    # the segment acceptable - confirm it handles "-" and "_" as well as padding.
    header = base64.b64decode(fix_b64(header))
    prepared_body = fix_b64(body)
    body = base64.b64decode(prepared_body)
def header(jwt):
    """Return the JSON-parsed header segment of a compact JWT.

    The header is read before any signature verification, so callers should
    treat its contents as unauthenticated.

    :param jwt: compact JWT string
    :raises DecodeError: when ``base64url_decode`` or ``json.loads`` raises
        ``ValueError`` or ``TypeError``
    """
    first_segment = jwt.partition('.')[0]
    try:
        raw_header = base64url_decode(first_segment)
        parsed = json.loads(raw_header)
    except (ValueError, TypeError):
        raise DecodeError("Invalid header encoding")
    return parsed
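# Decrypt an AES-CBC-wrapped JWT given as the first command-line argument and
# print its parts.  `key` (the AES key) is defined outside this section.
#
# CBC decryption provides no integrity check and the JWT signature is not
# verified here, so everything printed below is informational only and must
# not be treated as authenticated.
input = sys.argv[1]
raw_token = urllib.unquote(input)
print(raw_token)

# IV is the 24 first bytes of token in base64, after base64 decoding it needs 16 bytes for IV
IV = base64.b64decode(raw_token[:24])
# Index 24 is a separator character that is skipped without being checked;
# the ciphertext starts at index 25.
token = base64.urlsafe_b64decode(raw_token[25:])

# Decryption
decryption_suite = AES.new(key, AES.MODE_CBC, IV)
jwt = decryption_suite.decrypt(token)
print("The decrypted JWT is: %s" % jwt)

# No block padding is stripped, so padding bytes may trail the signature.
header, content, signature = jwt.split(".")
print("\nThe JWT header is: %s\n" % header)
print("The JWT content is: %s\n" % content)
print("The JWT signature is: %s\n" % signature)
print("The information inside JWT is as followed:\n")

# JWT segments are unpadded base64url.  The original computed the header's
# padding but never applied it, and used len % 4 as the pad count; both
# segments are now padded up to a multiple of four before decoding.
pad = -len(header) % 4
header = base64.urlsafe_b64decode(header + pad * "=")

pad = -len(content) % 4
print(pad)
content = base64.urlsafe_b64decode(content + pad * "=")

# Naive comma split of the JSON text, for display only.
content = content.split(",")
for item in content:
    print(item)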