Comments (6)
Are you sure that you're not double-encoding the token? As in doing URL-encoding of the token twice?
Also, could you please provide the token?
from galene.
Sorry, forgot the token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJycnVzZXIiLCJhdWQiOiJodHRwczpcL1wvZ2FsZW5lLnNlcnZlci50c3Q6ODAwOFwvZ3JvdXBcL2V4dFwvIiwicGVybWlzc2lvbnMiOlsicHJlc2VudCJdLCJpYXQiOjE2NzEyMjUxMTcsImV4cCI6MTY3MTIyODcxNywiaXNzIjoiaHR0cHM6XC9cL2F1dGguZXhhbXBsZS5vcmcifQ.mIp1tTkp2DF0UKTh8dztV6JbSpfn7ev22v9YFFKj1f0
I used this as it is here as url arg ?token=
For generating the token I was using a PHP library ReallySimpleJWT, but tried it although with the python jwt
from galene.
MYz3IfCq4Yq-UmPdNqWEOdPl4C_m9imHHs9uve#DUJGQ
The #
sign is not allowed in Base64. I think you made a mistake when you copied the key.
from galene.
Thank you for the fast answer!
It's funny, I followed this rule: https://github.com/RobDWaller/ReallySimpleJWT#secret-strength
(so yes, I changed the key from your example slightly) not sure if the security consideration that is mentione is correct?
But https://dinochiesa.github.io/jwt/ validates it as correct.
Or am I absolutely wrong? Is the "k": .... the secret in base64 ???
from galene.
Is the "k": .... the secret in base64 ???
Yes. See RFC 7518 Section 6.4.1:
The "k" (key value) parameter contains the value of the symmetric (or
other single-valued) key. It is represented as the base64url
encoding of the octet sequence containing the key value.
User-provided passphrases tend to be weak. For shared tokens between servers, it is better to generate the secrets using a strong random number generator. The jose
utility can be used to do that:
jose jwk gen -i '{"alg": "HS256"}'
If you think it's useful, I can write a utility to generate suitable keys and include it with Galene.
from galene.
Great, that was my fault and solves my Problem!
(I am able to read, but I probably reading the wrong things =) )
from galene.
Related Issues (20)
- Odd spacing glitch on Microsoft edge on Manjaro Linux HOT 2
- Local recording using getDisplayMedia and getUserMedia HOT 4
- Virtual background or background blur HOT 10
- When using any filter and trying to logout we get an error "Uncaught TypeError: c.sc is null" HOT 1
- Activity detection is does not working HOT 4
- multi language HOT 7
- Ldap integration HOT 1
- Bcrypt Encryption HOT 1
- TypeError: navigator.mediaDevices is undefined HOT 3
- Websocket upgrade: websocket: request origin not allowed by Upgrader.CheckOrigin HOT 4
- Failed to ping without candidate pairs. Connection is not possible yet. HOT 1
- Allow exposing Galene on a specific path (host.com/some/path/galene) on a reverse proxy. HOT 1
- Question: Can I set the timing for removal of messages? HOT 2
- browser to remember username and password HOT 1
- any api available? HOT 6
- Websocket connection fails on Firefox HOT 3
- installing instructions not clear at all HOT 3
- display connection time in the UI HOT 5
- token managment HOT 6
- Would it be possible to use the github "releases" feature HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from galene.