[Apiman-user] base64 encoding of tokens

[Tim Dudgeon]

Mark,

Thanks - I had worked that out.
The information you gave was very useful.

Tim

On 16/10/2015 11:02, Marc Savy wrote:
> Tim,
>
> Sorry, I managed to make a typo of the URL in this post.
>
> It was meant to be http://www.jwt.io :-)
>
> On 11/10/2015 22:51, Marc Savy wrote:
>> Tim,
>>
>> You're right. I'll have to update the blog.
>>
>> What Keycloak returns in the access_token field is a JWT (see
>> http://www.jtw.io), which is a string split into 3 base64 parts,
>> separated by full stops (header, payload and signature info) as is
>> highlighted on jwt.io when you paste your token :-).
>>
>> Alternatively, if you use something like Ruby's Base64 decoder (which is
>> a bit more tolerant), you'll see useful info coming out.
>>
>> Regards,
>> Marc
>>
>> On 11/10/2015 16:40, Tim Dudgeon wrote:
>>> According to this:
>>> http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication/authorization/2015/06/09/keycloak-oauth2.html
>>> the tokens returned by keycloak are base64 encoded, but when I try to
>>> decode I get an error.
>>>
>>> $ curl -X POST
>>> http://192.168.59.103:8080/auth/realms/myrealm/protocol/openid-connect/token
>>> -H "Content-Type: application/x-www-form-urlencoded" -d "username=user1"
>>> -d 'password=secret' -d 'grant_type=password' -d 'client_id=echo' -s |
>>> jq -r '.access_token' | base64 -D
>>> Invalid character in input stream.
>>>
>>> How are the tokens supposed to be decoded?
>>>
>>> Tim
>>> _______________________________________________
>>> Apiman-user mailing list
>>> Apiman-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user