Fix: InvalidAlgorithmError: The specified alg value is not allowed while trying to decode encoded jwt token in Python
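I am trying to decode a token I received from an authorization service. The problem is that when I try to decode it, I get InvalidAlgorithmError: the specified alg value is not allowed.
As you can see in the image below, I can decode the token on the jwt.io site and view the payload.
I am using the PyJWT library. You will find my implementation below.
Decoded token on the jwt.io site
Implementation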
import jwt
encoded = "eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3JvbGUiOiJERVZFTE9QRVIiLCJ1c2VyZnVsbG5hbWUiOiJFcmljIE0gS2FyaW1pIiwidXNlcm5hbWUiOiJlcmljIiwidXNlcmlkIjoiMjkiLCJleHAiOjE1NzM0ODE0MzIsImlzcyI6IkVyaWMiLCJhdWQiOiJSZWFkZXJzIn0.tTQckIZGYNHE667NXrxT4YwT4DNZ01u3P3b3IMFyWR4"
key = "somekeyrequiredtodecode"
decoded = jwt.decode(encoded,key, algorithms=['HS256'])
Full stack trace
~/Desktop/APIs/ncc-api/env/lib/python3.6/site-packages/jwt/api_jws.py in decode(self, jwt, key, verify, algorithms, options, **kwargs)
154 elif verify_signature:
155 self._verify_signature(payload, signing_input, header, signature,
--> 156 key, algorithms)
157
158 return payload
~/Desktop/APIs/ncc-api/env/lib/python3.6/site-packages/jwt/api_jws.py in _verify_signature(self, payload, signing_input, header, signature, key, algorithms)
214
215 if algorithms is not None and alg not in algorithms:
--> 216 raise InvalidAlgorithmError('The specified alg value is not allowed')
217
218 try:
InvalidAlgorithmError: The specified alg value is not allowed
In [7]: v = jwt.decode(key, s, algorithms=['HS256'])
---------------------------------------------------------------------------
InvalidAlgorithmError Traceback (most recent call last)
<ipython-input-7-a9465dfcaa4b> in <module>
----> 1 v = jwt.decode(key, s, algorithms=['HS256'])
~/Desktop/APIs/ncc-api/env/lib/python3.6/site-packages/jwt/api_jwt.py in decode(self, jwt, key, verify, algorithms, options, **kwargs)
90
91 decoded = super(PyJWT, self).decode(
---> 92 jwt, key=key, algorithms=algorithms, options=options, **kwargs
93 )
94
~/Desktop/APIs/ncc-api/env/lib/python3.6/site-packages/jwt/api_jws.py in decode(self, jwt, key, verify, algorithms, options, **kwargs)
154 elif verify_signature:
155 self._verify_signature(payload, signing_input, header, signature,
--> 156 key, algorithms)
157
158 return payload
~/Desktop/APIs/ncc-api/env/lib/python3.6/site-packages/jwt/api_jws.py in _verify_signature(self, payload, signing_input, header, signature, key, algorithms)
214
215 if algorithms is not None and alg not in algorithms:
--> 216 raise InvalidAlgorithmError('The specified alg value is not allowed')
217
218 try:
InvalidAlgorithmError: The specified alg value is not allowed
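The algorithm specified in the header is not valid for the library. If you want to decode it this way, you need to encode the JWT with { "alg": "HS256"}.
You can check the supported algorithms: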
from jwt.algorithms import get_default_algorithms
get_default_algorithms()
In some (not recommended) cases you do not need to verify the signature.
If that is the case, use:
jwt.decode(encoded_str, options={"verify_signature": False})
https://pyjwt.readthedocs.io/en/stable/usage.html#reading-the-claimset-without-validation
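Why the `alg not in algorithms` check in the traceback fires for this token, as an added example that is not part of the original question or answers: the header segment below is copied from the question's token, and its `alg` is the XML-DSig URI for HMAC-SHA256 rather than the JOSE name `HS256`. The stdlib-only verifier, the `ALG_ALIASES` mapping, `make_sample_token` and the demo key are assumptions of this example, not PyJWT API.

```python
import base64
import hashlib
import hmac
import json

# Header segment copied verbatim from the token in the question.
PAGE_HEADER_B64 = "eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9"
# Assumption: treat this one URI as an explicit alias for HS256, nothing else.
ALG_ALIASES = {"http://www.w3.org/2001/04/xmldsig-more#hmac-sha256": "HS256"}

def b64url_decode(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unverified_alg(token: str):
    """Read the header's alg without trusting it (diagnostics only)."""
    return json.loads(b64url_decode(token.split(".")[0])).get("alg")

def verify_hs256(token: str, key: bytes, allowed=("HS256",)) -> dict:
    """Verify an HMAC-SHA256 compact JWS; the payload is returned only on success."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part compact JWS")
    header_b64, payload_b64, sig_b64 = parts
    alg = unverified_alg(header_b64)
    if not isinstance(alg, str):
        raise ValueError("alg missing or not a string")
    alg = ALG_ALIASES.get(alg, alg)  # normalise before the allow-list check
    if alg not in allowed:
        raise ValueError("alg not allowed: %r" % alg)
    signing_input = (header_b64 + "." + payload_b64).encode()
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("signature mismatch")
    return json.loads(b64url_decode(payload_b64))

def make_sample_token(key: bytes) -> str:
    """Constructed token: the page's header, a constructed payload and key."""
    payload_b64 = b64url_encode(json.dumps({"username": "demo"}).encode())
    signing_input = (PAGE_HEADER_B64 + "." + payload_b64).encode()
    sig = hmac.new(key, signing_input, hashlib.sha256).digest()
    return PAGE_HEADER_B64 + "." + payload_b64 + "." + b64url_encode(sig)

if __name__ == "__main__":
    print(unverified_alg(PAGE_HEADER_B64))
    print(verify_hs256(make_sample_token(b"constructed-demo-key"), b"constructed-demo-key"))
```

This checks the signature only; `exp`, `iss` and `aud` still have to be validated before the claims are used.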