You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@jmeter.apache.org by bu...@apache.org on 2019/12/24 10:23:57 UTC
[Bug 64030] New: New function or controler JWT decode
https://bz.apache.org/bugzilla/show_bug.cgi?id=64030
Bug ID: 64030
Summary: New function or controler JWT decode
Product: JMeter
Version: 5.2.1
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: Main
Assignee: issues@jmeter.apache.org
Reporter: sebastian.boga@endava.com
Target Milestone: JMETER_5.2
We need to decode JWT information directly in JMeter.
Can we have a function to do this for us?
Note: we, as testers we decode the information inside JWT using the website
https://jwt.io/
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 64030] New function or controler JWT decode
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64030
Philippe Mouawad <p....@ubik-ingenierie.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |p.mouawad@ubik-ingenierie.c
| |om
OS| |All
--- Comment #2 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Hello Felix,
Thanks for this patch.
Why not use one of those 3 which are license compatible with Apache and have
wider support of algos ?
- https://github.com/jwtk/jjwt
- https://github.com/auth0/java-jwt
- https://vertx.io/docs/vertx-auth-jwt/js/
I would avoid using minidev json-smart as it seems it has no activity anymore
Regards
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 64030] New function or controler JWT decode
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64030
--- Comment #1 from Felix Schumacher <fe...@internetallee.de> ---
Created attachment 36930
--> https://bz.apache.org/bugzilla/attachment.cgi?id=36930&action=edit
Simple implementation of a JWT decode function for HMACs
This is a sample (and simple) implementation of a JWT decode function, that
implements HS256-HS512 JWT tokens.
What does it support:
* HS256-HS512
* Decodes the payload to string
* checks integrity of the JWT when the shared secret is given
What is missing:
* all other possible MACs
* documentation
* internal usage of one of the available JWT java libraries
* thoughts about the ux
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 64030] New function or controler JWT decode
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64030
--- Comment #3 from Sebastian Boga <se...@endava.com> ---
Hello
Any news about this?
We are using this part of code in a JSR223 to decode the JWT until we will
have a proper Function
import org.apache.commons.codec.binary.Base64;
String jwtToken = vars.get("auth_token");
log.info("------------ Decode JWT ------------");
String[] split_string = jwtToken.split("\\.");
String base64EncodedHeader = split_string[0];
String base64EncodedBody = split_string[1];
String base64EncodedSignature = split_string[2];
log.info("~~~~~~~~~ JWT Header ~~~~~~~");
Base64 base64Url = new Base64(true);
String header = new String(base64Url.decode(base64EncodedHeader));
log.info("JWT Header : " + header);
log.info("~~~~~~~~~ JWT Body ~~~~~~~");
String body = new String(base64Url.decode(base64EncodedBody));
log.info("JWT Body : "+body);
prev.setResponseData(body,"UTF-8");
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 64030] New function or controler JWT decode
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64030
Philippe Mouawad <p....@ubik-ingenierie.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement
--
You are receiving this mail because:
You are the assignee for the bug.