Comments (7)
If I understand you correctly, you generate a token using jwt-cpp and then try to validate it using jwt-cpp and when validating, an exception is thrown.
Did you check if the token is correctly decoded by other verifiers, for example the one here:
https://jwt.io/
Can you post a sample token (can be expired) or at least a complete code sample showing the problem?
The "invalid token supplied" message means that the token is not correctly formatted (i.e. not in the header.payload.signature format).
from jwt-cpp.
Thanks for the quick response,
Here is the token create code:
```cpp
auto token = jwt::create()
    .set_issuer(JWT_ISSUER)
    .set_type("JWT")
    .set_payload_claim("name", std::string(uname))
    .sign(jwt::algorithm::hs256{ passwd });
```
Here is the token verify code:
```cpp
auto decoded_token = jwt::decode(token);
for (auto& e : decoded_token.get_payload_claims())
{
    LOG_DBG << fname << e.first << " = " << e.second.as_string();
}
auto verifier = jwt::verify()
    .allow_algorithm(jwt::algorithm::hs256{ key })
    .with_issuer(JWT_ISSUER)
    .with_claim("name", std::string(user));
verifier.verify(decoded_token);
```
The above code works fine, but when I add set_expires_at(), it fails.
Project:
https://github.com/laoshanxi/app-manager/blob/master/ApplicationManager/RestHandler.cpp
from jwt-cpp.
My bad I overlooked it the first time around:
Your problem is neither with token creation nor with verifying it.
It's your debug output of your token content.
You are trying to output the second element using as_string, which does not work in case of exp (which is a number).
If you just want to get a string representation of the content use to_json() instead, which also handles objects and the like correctly. For real checks you can either check the type using get_type() before printing or catch the exception.
I took a look at your project and noticed that you do quite a lot of stuff with the token content before calling verify. Even though it should be fine in this case, note that you can not trust ANY data in the token before it is validated and especially the fact that you print them out to a log file might help in case of attacks (you basically allow a remote user to write arbitrary data to your log file).
That said, I really like the project. Looks like a mix between systemd and cron if I understood that correctly. I once tried something similar (web interface to a systemd instance running in userspace) but eventually gave up on the idea and wrote a cli client of proxmox ve which builds and deploys tiny lxc containers. You can find it here: https://github.com/Thalhammer/pve-simple-container
from jwt-cpp.
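An added example (not from the thread and not jwt-cpp code): a self-contained C++ model of the two points in the answer above, checking a claim's type before rendering it and keeping unverified or unescaped claim values out of the log. `Claim`, `escape_for_log`, `render_claim` and `log_line` are hypothetical names; with jwt-cpp the type check would be `get_type()` and the `verified` flag would reflect whether `verifier.verify()` succeeded.

```cpp
#include <cstdio>
#include <iostream>
#include <map>
#include <string>
#include <typeinfo>

// Minimal stand-in for a decoded claim (a model, not jwt-cpp's class).
struct Claim {
    enum class Type { String, Integer } type;
    std::string str;
    long long num;
    // Mirrors the failure in the thread: a numeric claim such as exp is not a string.
    const std::string& as_string() const {
        if (type != Type::String) throw std::bad_cast();
        return str;
    }
};

// Escape control bytes (CR, LF, ESC, ...) so a claim value cannot forge log lines.
std::string escape_for_log(const std::string& in) {
    std::string out;
    for (unsigned char c : in) {
        char buf[8] = {static_cast<char>(c), 0};
        if (c < 0x20 || c == 0x7f || c == '\\')
            std::snprintf(buf, sizeof buf, "\\x%02x", static_cast<unsigned>(c));
        out += buf;
    }
    return out;
}

// Check the type before rendering instead of assuming every claim is a string.
std::string render_claim(const Claim& c) {
    if (c.type == Claim::Type::Integer) return std::to_string(c.num);
    return "\"" + escape_for_log(c.as_string()) + "\"";
}

// Build the log line; claim values appear only after verification succeeded.
std::string log_line(const std::map<std::string, Claim>& claims, bool verified) {
    if (!verified) return "token rejected, " + std::to_string(claims.size()) + " claims not logged";
    std::string line = "token ok:";
    for (const auto& kv : claims) line += " " + escape_for_log(kv.first) + "=" + render_claim(kv.second);
    return line;
}

int main() {
    // Constructed payload: numeric "exp", and a "name" carrying a forged log line.
    std::map<std::string, Claim> claims;
    claims["exp"] = Claim{Claim::Type::Integer, "", 1700000000};
    claims["name"] = Claim{Claim::Type::String, "bob\n2024-01-01 INFO admin login ok", 0};
    std::cout << log_line(claims, false) << "\n" << log_line(claims, true) << "\n";
}
```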
Thanks for pointing out the root cause. It is my fault that I did not debug into the application; after removing the debug log, it works.
You are right, the app-manager is targeted to:
- Manage all workload running on OS (more features than supervisor and crontab)
- All self-built rpm post-install script will register an app to this daemon to manage startup behavior
- Get resource usage for all applications
- Run remote shell commands and get stdout/stderr (it is a little bit risky to open this)
Thanks again for the useful library.
from jwt-cpp.
@Thalhammer The reason I did something in gettoken is that I want to follow the standard and make the token start with "Bearer ". Is this correct?
from jwt-cpp.
Some use Bearer, some JWT.
Some use a completely different header.
There isn't really a standard on how to do this. In most of my software, I send JWT in the client and accept both Bearer and JWT on the server side.
But this is by no means a requirement.
from jwt-cpp.
@Thalhammer Thanks for the explanation. I saw that most Java applications follow the "Bearer " starter. Anyway, just making client/server consistent will be fine.
from jwt-cpp.