Scribd
Upload
3 views1 page

jwt_Dec

Uploaded by

ebenezergmeskel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
3 views1 page

jwt_Dec

Uploaded by

ebenezergmeskel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 1

import base64

import json
import hmac
import hashlib

# Your JWT Token


jwt_token = "YOUR_JWT_HERE"

# Secret Key (Only needed for HS256, HS512 verification)


SECRET_KEY = "your_secret_key_here" # Replace with the correct secret if available

def base64_decode(data):
"""Decodes base64 string with padding handling"""
data += '=' * (-len(data) % 4) # Fix padding issues
return base64.urlsafe_b64decode(data).decode('utf-8')

def verify_signature(header, payload, signature, secret_key):


"""Verifies the JWT signature using HMAC-SHA512"""
header_payload = f"{header}.{payload}".encode()
computed_signature = hmac.new(
secret_key.encode(), header_payload, hashlib.sha512
).digest()
computed_signature_b64 =
base64.urlsafe_b64encode(computed_signature).decode().rstrip("=")

if computed_signature_b64 == signature:
print("\n✅ Token is VALID (Signature is verified)\n")
else:
print("\n❌ Token is INVALID (Signature mismatch!)\n")

# Split JWT
header, payload, signature = jwt_token.split('.')

# Decode Header & Payload


decoded_header = json.loads(base64_decode(header))
decoded_payload = json.loads(base64_decode(payload))

# Print Decoded Data


print("\n📌 Header:", json.dumps(decoded_header, indent=4))
print("\n📌 Payload:", json.dumps(decoded_payload, indent=4))

# Verify Signature (Only if HMAC secret is available)


if decoded_header["alg"].startswith("HS"): # Works for HS256, HS512, etc.
verify_signature(header, payload, signature, SECRET_KEY)
else:
print("\n⚠️ Cannot verify signature: Requires public/private key (RSA/ECDSA)\
n")

You might also like