Articles

Affichage des articles du février, 2020

Decoding JWTs in the terminal

Image
These past few days, I have been working on integrating IBM App ID into our Java backend and Android frontend codebases. Because of this, I would find myself going back and forth between the terminal and JWT.io whenever I need to inspect a JWT's payload. I don't want to call it a "JWT token" because that would be a bad case of RAS and I'm pedantic like that, but I digress. Instead of relying on a website to do that for me, I figured why not just do it from the terminal. I did some reading and it turns out that JWTs are relatively easy to parse : Split the token using the dot character as a delimiter Base 64 decode the first portion to get the header Base 64 decode the second portion to get the payload The third portion serves as a signing mechanism for the token. I chose to ignore the signing logic for the script I intended to write because it was irrelevant for my use case. I ended up writing a command line tool in D to help me inspect JWTs. The ma