Beispiel #1
def get_magic(jwt):
    """Return ``sig ** e - EM`` for one RSA-signed JWT as a ``gmpy2.mpz``.

    ``sig`` is the decoded signature segment read as an integer, ``e`` is
    fixed at 65537, and ``EM`` is whatever ``pkcs1_v1_5_encode`` produces for
    the signing input ``header.payload`` at the signature's byte length
    (presumably the EMSA-PKCS1-v1_5 encoding; confirm against that helper).

    For a valid RSA signature ``sig ** e`` is congruent to ``EM`` modulo the
    signer's modulus, so the returned value is a multiple of that modulus.
    Design note: everything used here comes from the token itself, so a
    verifier must never rely on its RSA public key staying unknown.

    Raises ``ValueError`` if *jwt* does not have exactly three dot-separated
    segments.
    """
    header, payload, signature = jwt.split(".")
    signing_input = ".".join((header, payload)).encode()

    # Two '=' are always appended; the decoder is relied on to tolerate any
    # padding beyond what the segment actually needs.
    signature_bytes = urlsafe_b64decode(signature + "==")
    signature_int = gmpy2.mpz(bytes_to_long(signature_bytes))

    encoded_message = pkcs1_v1_5_encode(signing_input, len(signature_bytes))
    encoded_int = gmpy2.mpz(bytes_to_long(encoded_message))

    public_exponent = gmpy2.mpz(65537)
    return gmpy2.mpz(signature_int ** public_exponent - encoded_int)
Beispiel #2
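    def decrypt(self, input):
        """Decrypt an AES-CBC wrapped JWT and store its decoded header and content.

        *input* is URL-unquoted, then split into a 24-character base64 IV,
        one skipped character, and the base64 ciphertext.  The plaintext is
        split into the three JWT segments; the first two are base64-decoded
        into ``self.header`` and ``self.content``.

        Raises ``ValueError`` if the plaintext does not contain exactly three
        dot-separated segments, and whatever the base64 decoder raises on
        malformed input.

        Security notes for callers:
          * The signature segment is split off but never verified here, so
            ``self.header`` and ``self.content`` are unauthenticated data.
          * AES-CBC alone provides no integrity; the ciphertext can be
            altered without detection unless it is authenticated elsewhere.
        """
        # Python 2 API: urllib.unquote returns a byte string.
        raw_token = urllib.unquote(input).decode('utf8')

        # First 24 base64 characters decode to the 16-byte IV.
        IV = base64.b64decode(raw_token[:24])
        # Character 24 is skipped (presumably a separator; confirm with the
        # token producer); the rest is the ciphertext.
        token = base64.b64decode(raw_token[25:])

        # Decryption. `key` is not defined in this method; it is expected to
        # be provided at module level.
        decryption_suite = AES.new(key, AES.MODE_CBC, IV)
        jwt = decryption_suite.decrypt(token)
        # NOTE(review): block-cipher padding is not stripped from the
        # plaintext, so it would end up in `signature`; confirm the scheme.
        header, content, signature = jwt.split(".")

        # JWT segments are unpadded base64url. Restore the padding to a
        # multiple of four and decode the padded value; the original computed
        # a padded copy and then decoded the unpadded segment instead.
        self.header = base64.urlsafe_b64decode(header + "=" * (-len(header) % 4))
        self.content = base64.urlsafe_b64decode(content + "=" * (-len(content) % 4))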
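def _POST_parameter_jwt_required(jwt):
    """Explicitly calls jwt authentication on parameter supplied by HTTP POST request

    The value must look like ``"<prefix> <token>"`` where the prefix matches
    ``JWT_AUTH_HEADER_PREFIX`` case-insensitively.  On success the resolved
    identity is stored on the current request context.

    Every failure raises, so a caller that ignores the return value can never
    continue as if authentication had succeeded.

    :param jwt: the user's jwt token
    :raises JWTError: if the value is missing or malformed, the token fails
        decoding, or no identity matches the payload
    """
    # The parameter name shadows the ``jwt`` module inside this function, so
    # ``jwt.InvalidTokenError`` would be looked up on the token string and
    # fail with AttributeError. Import the class by name instead (assumes the
    # file's ``jwt`` module is PyJWT, as the original reference implies).
    from jwt import InvalidTokenError

    auth_header_prefix = current_app.config['JWT_AUTH_HEADER_PREFIX']
    # A missing or blank parameter yields no parts; reject it explicitly
    # rather than failing on parts[0].
    parts = (jwt or '').split()
    if not parts:
        raise JWTError('Invalid JWT header', 'Token missing')
    if parts[0].lower() != auth_header_prefix.lower():
        raise JWTError('Invalid JWT header', 'Unsupported authorization type')
    elif len(parts) == 1:
        raise JWTError('Invalid JWT header', 'Token missing')
    elif len(parts) > 2:
        raise JWTError('Invalid JWT header', 'Token contains spaces')

    token = parts[1]
    try:
        payload = _jwt.jwt_decode_callback(token)
    except InvalidTokenError as e:
        # Fail closed: raise like the header checks above instead of
        # returning the error object.
        raise JWTError('Invalid token', str(e))

    _request_ctx_stack.top.current_identity = identity = _jwt.identity_callback(payload)

    if identity is None:
        raise JWTError('Invalid JWT', 'User does not exist')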
Beispiel #4
def header(jwt):
    """Return the parsed JSON header of *jwt*.

    Only the text before the first "." is read; it is decoded with
    ``base64url_decode`` and parsed as JSON.  Raises ``DecodeError`` when
    decoding or parsing fails with ``ValueError`` or ``TypeError``.

    No signature is checked here, so the returned values (for example the
    declared algorithm) are attacker-controlled until the token has been
    verified and must not drive trust decisions on their own.
    """
    encoded_header = jwt.partition(".")[0]
    try:
        decoded_header = base64url_decode(encoded_header)
        return json.loads(decoded_header)
    except (ValueError, TypeError):
        raise DecodeError("Invalid header encoding")
Beispiel #5
def parse_jwt(jwt):
    """Split *jwt* on "." and publish the parts as module globals.

    Sets the globals ``header``, ``body`` and ``signature``.  ``header`` and
    ``body`` are then replaced by their base64-decoded form after passing
    through ``fix_b64`` (presumably a padding fix-up; confirm in its
    definition).  ``signature`` stays as the raw segment.

    Raises ``ValueError`` unless *jwt* has exactly three segments.  Nothing
    here verifies the signature, so the decoded values are untrusted input.
    """
    global header, body, signature
    segments = jwt.split('.')
    header, body, signature = segments
    # Decode in place: the globals briefly hold the raw segments first.
    header = base64.b64decode(fix_b64(header))
    body = base64.b64decode(fix_b64(body))
Beispiel #6
def header(jwt):
    """Decode the first segment of *jwt* and return it as parsed JSON.

    The segment before the first '.' goes through ``base64url_decode`` and
    ``json.loads``.  A ``ValueError`` or ``TypeError`` from either step is
    reported as ``DecodeError``.

    The header is read without any signature check; treat its fields as
    untrusted until the token itself has been verified.
    """
    first_segment, _, _ = jwt.partition('.')
    try:
        raw_header = base64url_decode(first_segment)
        parsed = json.loads(raw_header)
    except (ValueError, TypeError):
        raise DecodeError("Invalid header encoding")
    return parsed
Beispiel #7
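# Decrypt an AES-CBC wrapped JWT given as the first command-line argument and
# print its decoded parts. Python 2 script (relies on urllib.unquote).
#
# Security notes:
#   * The JWT signature is printed but never verified; everything shown is
#     unauthenticated data.
#   * AES-CBC alone provides no integrity protection for the ciphertext.
#   * The decrypted token is written to stdout; treat the output as a
#     credential.
if len(sys.argv) < 2:
    sys.exit("usage: %s <url-encoded-token>" % sys.argv[0])

input = sys.argv[1]
raw_token = urllib.unquote(input)
print(raw_token)
# IV is the 24 first bytes of token in base64, after base64 decoding it needs 16 bytes for IV
IV = base64.b64decode(raw_token[:24])
# Character 24 is skipped (presumably a separator; confirm with the token
# producer); the remainder is the base64url ciphertext.
token = base64.urlsafe_b64decode(raw_token[25:])

# Decryption. `key` is not defined in this part of the script.
decryption_suite = AES.new(key, AES.MODE_CBC, IV)
jwt = decryption_suite.decrypt(token)
# NOTE(review): block-cipher padding is not stripped from the plaintext, so
# it would end up in `signature`; confirm the padding scheme.

print("The decrypted JWT is: %s" % jwt)
header, content, signature = jwt.split(".")
print("\nThe JWT header is: %s\n" % header)
print("The JWT content is: %s\n" % content)
print("The JWT signature is: %s\n" % signature)
print("The information inside JWT is as followed:\n")
# JWT segments are unpadded base64url: restore padding to a multiple of four.
# The original computed the header padding but never applied it, and used
# len % 4 rather than the number of characters actually missing.
pad = -len(header) % 4
header = base64.urlsafe_b64decode(header + (pad * "="))
pad = -len(content) % 4
print(pad)
content = base64.urlsafe_b64decode(content + (pad * "="))
content = content.split(",")
for item in content:
    print(item)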