3

I am currently trying to build an oAuth 2 authentication inside some akka-http service. I want to use jwt-scala with jwtCirce for decoding a web token. When trying it out in the console (as well as inside my tests) I get the error Failure(java.lang.IllegalArgumentException: Illegal base64 character 2d)

Here is a console session describing the problem:

scala> import java.time.Instant
import java.time.Instant

scala> import cats.syntax.either._
import cats.syntax.either._

scala> import io.circe._, syntax._, jawn.{parse => jawnParse}
import io.circe._
import syntax._
import jawn.{parse=>jawnParse}

scala> import pdi.jwt.{JwtCirce, JwtAlgorithm, JwtClaim}
import pdi.jwt.{JwtCirce, JwtAlgorithm, JwtClaim}

scala> val privateKey = "MIIEpgIBAAKCAQEAvIWfxSuGXxUuVMHQaChB/bCOlRn3pJPZUHsC4vhcaRv7v9wWnZyVx36dsQ/BHB2icmfeVln6kXL8PSCAJcavO1cIXeHlJO9wlKKejZCcyu8v4dQn8bEFllFaIHt5yjfT9Kq3Tq5AJ9a6AdzkmUiGdrmMqQcHV0zKLMTdLLIl2sN72ZmkWCkilMacdLBjrLhIawOUfCngG57axiXEFOqjhWsumBEeV5yqIfgW335ASMSttEXtc418IRotD0rQEIX4UH78XuV6Lo7BWDjiAz0F0haMnPJhC/AMQGvgk2Yg6EVYxRueMMm6enNQ3ml0BJ71KmB/yFiivA1s6+f9PGvYMwIDAQABAoIBAQCerXIvSVVOjstyd7ftE4WH/KXmhfbVRcSyYvepBxbxOaaKdLtsajH/umkMcZA/FAp5dUfFMvMencQFx2dVZIh1z+mw68QtdIQz9zSxPzlZ7j1FPYdpfXCQd2T+1i9Kr/bthwvHZA+H+MqTatPW2R6kq8TjOJFLP80kJYdsaX5HRLMbZQyfVvMNpb9Qb1iSTY7r3dHsZ99x0GGkEiY4+g3qhPri2Fn+N64+CBg8EXYM5OWGOFUgtGn+xKP8YJW2t3roOQlNcXcyBR4WZebrUr2Vtqm+I5OKYDz2ED+KQR9LvEq/mQtCk8Opqc/55nMbRCsI+v3uq91dI+Xmr360kNyxAoGBAPOeQRavLMR3ebeLfa1VZRiMg6uH2004zs02kEPcvkcOceUHGwJ4NB0yPPWbe7clD+1of3P5TiQHh1dW/1LjRxFjDSGUgf5oQeYbtcvKeTuBb0Ios3uRnpX2ylr94jIZjICNQDhnMCJfpG29L3kRGbKLpTBpIWuqapMcGmZabppHAoGBAMYagaACITbgsjM2AGQnH8wqz47DMrhNW9a0IJFnbOcAYs4Z6GoWXf67aH5HAAKxEBAmqIG7xPrEMnMbGLLkuyr7kmOvVohRD5sJaCLBdXBV7KMn8+3eZSR3sy/T3foqFZEquWwjUmlKS8i+PBBiVrhajp06lOCKLCHkH6b1Xxy1AoGBAMHu6iuvubiQz7FAdwSkJT18pljHZtm7bk1IsWGEeWjBZAOJO4Qkwn+3fXWbl8m81EgO1t8wyHbAE4qAs/J9ARcjPdHMkgs/Xa5bwsX/YbDwIeyN0At/abpB4ua6kvWFBydSypvb8SJ79r5xSzhaV5WduxulpTg7SmnfhliShteDAoGBALm5rAFZPc53RlogrKk4zOTa1hCgDHMhg5J8+XOYpU7E290iCPU81w60oLiS0/2yBr89nwlSAtCfFDU6GCPPsXIQvSPcBKJ0bM8LOKgs+28//0TPdi9yKxzPZBzY4ulgfyvEBGbPjrnLv9UKFMG/kFHyBHZ/r4f7wnhbqRkcPflpAoGBALOS+l6/k0YuA9ElQw/NmAq87qsMKVdsqrxaFwEJdaeg+S5rjq+33xInf8WFHLEoVzV1zbuGcvyaKAhXxSz87V0gxWEKtnvH698qDlnSVf2ehRcWQ7XX8OisnAoK83QGitUluetUZ00G08XfN6K+MkjiNOKJq63zybKga9L4nKQE"
privateKey: String = MIIEpgIBAAKCAQEAvIWfxSuGXxUuVMHQaChB/bCOlRn3pJPZUHsC4vhcaRv7v9wWnZyVx36dsQ/BHB2icmfeVln6kXL8PSCAJcavO1cIXeHlJO9wlKKejZCcyu8v4dQn8bEFllFaIHt5yjfT9Kq3Tq5AJ9a6AdzkmUiGdrmMqQcHV0zKLMTdLLIl2sN72ZmkWCkilMacdLBjrLhIawOUfCngG57axiXEFOqjhWsumBEeV5yqIfgW335ASMSttEXtc418IRotD0rQEIX4UH78XuV6Lo7BWDjiAz0F0haMnPJhC/AMQGvgk2Yg6EVYxRueMMm6enNQ3ml0BJ71KmB/yFiivA1s6+f9PGvYMwIDAQABAoIBAQCerXIvSVVOjstyd7ftE4WH/KXmhfbVRcSyYvepBxbxOaaKdLtsajH/umkMcZA/FAp5dUfFMvMencQFx2dVZIh1z+mw68QtdIQz9zSxPzlZ7j1FPYdpfXCQd2T+1i9Kr/bthwvHZA+H+MqTatPW2R6kq8TjOJFLP80kJYdsaX5HRLMbZQyfVvMNpb9Qb1iSTY7r3dHsZ99x0GGkEiY4+g3qhPri2Fn+N64+CBg8EXYM5OWGOFUgtGn+xKP8YJW2t3roOQlNcXcyBR4WZebrUr2Vtqm+I5OKYDz2ED+KQR9LvEq/mQtCk8Opqc/55nMbRCsI+v3uq91dI+Xmr360kNyxAoGBAPOeQRavLMR3ebeLfa1VZRiMg6uH2004zs02kEPcvkcOceUHGwJ4NB0yPPWb...
scala> val algo = JwtAlgorithm.RS384
algo: pdi.jwt.JwtAlgorithm.RS384.type = RS384

scala> val Right(claimJson) = jawnParse(s"""{"expires":${Instant.now.getEpochSecond}}""")
claimJson: io.circe.Json =
{
  "expires" : 1484816589
}

scala> val Right(header) = jawnParse( """{"typ":"JWT","alg":"RS384"}""")
header: io.circe.Json =
{
  "typ" : "JWT",
  "alg" : "RS384"
}

scala> val token = JwtCirce.encode(header, claimJson, privateKey)
token: String = eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCJ9.eyJleHBpcmVzIjoxNDg0ODE2NTg5fQ.EQElbsrEtfxu1NLjYehKkpxiJrBMAcMx-pV7Zf0s_AHEBt3pBoEguxmcBYLdxPW9h_0K45pd2awee5dxRSDpC4Hdf4RN731IY0Ya8UfGe8og27t7qHuTVqm0jVGVlCOhtF4JQpu6TX84uvfxvJb0re8flc_MzLWkL78kkwBFO6AfyDSkGNHRdYJ3z_vi2LpUCSHXWPRluKAv8dZ32u4MIYaLlQYfpSW4k7aUy7Oopa-eN2albr1icf-Eik9AtpdZS3z8BosgVuOWg3_UlwFVFnKhU73t5ogwN--KEnXDkf66DcG2VrqT_oxHtskF1CG6dMxy5wMWPfEpL-emHsBrmg

scala> val pubKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8hZ/FK4ZfFS5UwdBoKEH9sI6VGfekk9lQewLi+FxpG/u/3BadnJXHfp2xD8EcHaJyZ95WWfqRcvw9IIAlxq87Vwhd4eUk73CUop6NkJzK7y/h1CfxsQWWUVoge3nKN9P0qrdOrkAn1roB3OSZSIZ2uYypBwdXTMosxN0ssiXaw3vZmaRYKSKUxpx0sGOsuEhrA5R8KeAbntrGJcQU6qOFay6YER5XnKoh+BbffkBIxK20Re1zjXwhGi0PStAQhfhQfvxe5XoujsFYOOIDPQXSFoyc8mEL8AxAa+CTZiDoRVjFG54wybp6c1DeaXQEnvUqYH/IWKK8DWzr5/08a9gz"
pubKey: String = ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8hZ/FK4ZfFS5UwdBoKEH9sI6VGfekk9lQewLi+FxpG/u/3BadnJXHfp2xD8EcHaJyZ95WWfqRcvw9IIAlxq87Vwhd4eUk73CUop6NkJzK7y/h1CfxsQWWUVoge3nKN9P0qrdOrkAn1roB3OSZSIZ2uYypBwdXTMosxN0ssiXaw3vZmaRYKSKUxpx0sGOsuEhrA5R8KeAbntrGJcQU6qOFay6YER5XnKoh+BbffkBIxK20Re1zjXwhGi0PStAQhfhQfvxe5XoujsFYOOIDPQXSFoyc8mEL8AxAa+CTZiDoRVjFG54wybp6c1DeaXQEnvUqYH/IWKK8DWzr5/08a9gz

scala> JwtCirce.decodeJsonAll(token, pubKey, Seq(JwtAlgorithm.RS384))
res3: scala.util.Try[(io.circe.Json, io.circe.Json, String)] = Failure(java.lang.IllegalArgumentException: Illegal base64 character 2d)

Has anyone an idea what I am doing wrong?

Thanks in advance for any help

Cheers Bernhard

Stoecki
  • 585
  • 1
  • 3
  • 16
  • 1
    `2d ` is the character `-`. Seems your decoder is trying to parse a base64 encoded string, but JWT is encoded in base64url. base64url encoding replaces from base64 `+` with `-` and `/` with `_` and removes trailing `=`. I do not why – pedrofb Jan 19 '17 at 12:09
  • I also assumed that it is related to base64 vs base64url, but I also have no idea how to try it out, not to talk about fixing it. I already looked into the source code but couldn't find a hint and the examples in the documentation don't show anything about RS384. – Stoecki Jan 19 '17 at 13:43
  • may be the problem is with public key. It is possible that your library needs a pkcs#1 encoded key instead of a ssh-rsa key – pedrofb Jan 19 '17 at 15:34

0 Answers0