You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to verify this token in a ExpressJS App but everytime it run give us an invalid signature. I've already trying use the secret with base64 or only string but nothing works.
The thing is if the java code is change to secret.getBytes("UTF-8") the validation works, but this is not something I can do, because others apps in another languages work just fine with the current token generate.
Can anybody give me a clue why is that or an workaround?
Reproduction
App run ins expressJs
function verifyJWT(req, res, next) {
const token = req.query['auth'];
if (!token) return res.status(401).send({ auth: false, message: 'No token provided.' });
//encoding
let secret64 = Buffer.from(secret, 'ascii').toString("base64");
jwt.verify(token, secret, { algorithms: 'HS512' }, function (err, decoded) {
if (err) {
console.log(err);
console.log("MESSAGE: " + err.message);
return res.status(500).send({ auth: false, message: 'Failed to authenticate token.' });
}
// if ok save to request
req.userId = decoded.id;
next();
});
}
app.get('/testjwt', verifyJWT, function (req, res) {
res.send('IT WORKS')
});
Description
We have a system that generate a token using java:
I'm trying to verify this token in a ExpressJS App but everytime it run give us an invalid signature. I've already trying use the secret with base64 or only string but nothing works.
The thing is if the java code is change to secret.getBytes("UTF-8") the validation works, but this is not something I can do, because others apps in another languages work just fine with the current token generate.
Can anybody give me a clue why is that or an workaround?
Reproduction
App run ins expressJs
Environment
-express: 4.17.1
-jsonwebtoken: 8.5.1
The text was updated successfully, but these errors were encountered: