Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Problem decoding token

See original GitHub issue

Hello, thanks for making pyjwt!

I’ve been trying to use it in my Django application, however, something weird is happening: I can’t decode the token!

This is how I’m creating the token

token = jwt.encode({
    'user_id': user.id
}, key='secret', algorithm='HS256')

And creating a token with user_id: 1 gives me this token b'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxfQ.J_RIIkoOLNXtd5IZcEwaBDGKGA3VnnYmuXnmhsmDEOs', however it says invalid signature in https://jwt.io/ for some reason.

Trying to decode my token in the server throws this error:

Traceback (most recent call last):
  File "/home/andres/venv/zyru/lib/python3.6/site-packages/jwt/api_jws.py", line 170, in _load
    header_data = base64url_decode(header_segment)
  File "/home/andres/venv/zyru/lib/python3.6/site-packages/jwt/utils.py", line 42, in base64url_decode
    return base64.urlsafe_b64decode(input)
  File "/home/andres/venv/zyru/lib/python3.6/base64.py", line 133, in urlsafe_b64decode
    return b64decode(s)
  File "/home/andres/venv/zyru/lib/python3.6/base64.py", line 87, in b64decode
    return binascii.a2b_base64(s)
binascii.Error: Incorrect padding

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/andres/Code/Python/zyru-api/members/schema.py", line 41, in get_user
    decoded = jwt.decode(token, 'secret')
  File "/home/andres/venv/zyru/lib/python3.6/site-packages/jwt/api_jwt.py", line 70, in decode
    payload, signing_input, header, signature = self._load(jwt)
  File "/home/andres/venv/zyru/lib/python3.6/site-packages/jwt/api_jws.py", line 172, in _load
    raise DecodeError('Invalid header padding')
jwt.exceptions.DecodeError: Invalid header padding

Why is the exception happening?

Thanks a lot!

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:9 (3 by maintainers)

github_iconTop GitHub Comments

62reactions
vimalloccommented, Dec 15, 2017

This isn’t right:

decoded = jwt.decode(token, 'secret', 'utf-8')

You want to create the token like such:

# The decode call here doesn't decode the jwt, it converts the encoded jwt from
# a byte string to a utf-8 string.
data = {'foo': 'bar'}
encoded_token = jwt.encode(data, 'secret', 'HS256').decode('utf-8')

and decode it like:

decoded_token = jwt.decode(encoded_token, 'secret', algorithms=['HS256'])
40reactions
vimalloccommented, Dec 15, 2017

Try decoding the token to utf-8:

jwt.encode(data, secret, algorithm).decode('utf-8')

In jwt.io, you need to get rid of the b'' part of the string. That indicates that it is a byte string, and is not actually part of the token.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Decode JWT runtime error troubleshooting | Apigee Edge
This error occurs if the JSON Web Token (JWT) specified in the <Source> element of the Decode JWT policy is malformed, invalid or...
Read more >
Decode JWT runtime error troubleshooting | Apigee X
This error occurs if the JSON Web Token (JWT) specified in the <Source> element of the Decode JWT policy is malformed, invalid or...
Read more >
Token decode error · Issue #61 · auth0/jwt-decode - GitHub
Some of our users have randomly been getting errors like and Invalid token specified: e is undefined thrown when their token is decoded....
Read more >
Problem decoding JWT token with public key from Gravitee in ...
I'm trying to decode a Gravitee JWT ...
Read more >
Built in token service unable to decode token - Opster
This guide will help you check for common problems that cause the log ” Built in token service unable to decode token ”...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

ValueError: Could not deserialize key data.

Next page

Python type hints