0

I am trying to decode a JWT encrypted strying in PHP. The string is valid, as it decodes perfectly here: Working Demo

I am using this GITHUB to decode.

My snippet is, which fetches a public key from google in an array, which works good. But the decoding part gives the following errors.

include('JWT.php');

$refresh = false;
if (file_exists('oauthkey')) {
   $age = time() - filemtime('oauthkey');
   if ($age > 20000)
      $refresh = true;   
} else
   $refresh = true;

if ($refresh) {
   $oauthKey = file_get_contents('https://www.googleapis.com/oauth2/v1/certs')
      or die('Failed to retrieve google public key.');
   $keyFile = fopen('oauthkey', 'w') or die ('Failed to open public key file for writing.');
   fwrite($keyFile, $oauthKey);
   fclose($keyFile);
} else {
   $keyFile = fopen('oauthkey', 'r') or die ('Failed to open public key file for reading.');
   $oauthKey = fread($keyFile, 5000) or die ('Failed to read from public key file.');
   fclose($keyFile);   
}
$oauthKey = json_decode($oauthKey, true); // get key from Google in Array

$jwtstring = 'eyJhbGciOiJS...'; // full long JWT encoded string

$bla = JWT::decode($jwtstring, $oauthKey);

echo print_r($bla);

ERRORS:

PHP Notice:  Undefined index: 433d0da18366fcdc43301fd1e142294a6209e451 in /home/domain.com/php-jwt-master/Authentication/JWT.php on line 64
PHP Warning:  openssl_verify(): supplied key param cannot be coerced into a public key in /home/domain.com/php-jwt-master/Authentication/JWT.php on line 179
PHP Fatal error:  Uncaught exception 'DomainException' with message 'OpenSSL unable to verify data: ' in /home/domain.com/php-jwt-master/Authentication/JWT.php:181
Stack trace:
#0 /home/domain.com/php-jwt-master/Authentication/JWT.php(71): JWT::verify('eyJhbGciOiJSUzI...', '+??????0?????SK...', NULL, 'RS256')
#1 /home/domain.com/php-jwt-master/Authentication/testjwt.php(31): JWT::decode('eyJhbGciOiJSUzI...', Array)
#2 {main}
  thrown in /home/domain.com/php-jwt-master/Authentication/JWT.php on line 181
Improve this question
2
  • you could probably pick the code directly out of the Google PHP client lib. my question is why aren't you using the Google php client lib to begin with? github.com/google/google-api-php-client Commented Feb 13, 2015 at 8:11
  • As far as I know it's not part for that library. Also Google specifies in their documentation regarding JWT to use github.com/luciferous/jwt or github.com/firebase/php-jwt for this. Which I have. It's just giving me some errors. Commented Feb 13, 2015 at 8:21

1 Answer 1

Reset to default
2

Found the issue.

Had to add 'false' to the decode statement.

$bla = JWT::decode($jwtstring, $oauthKey, false);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.