How get information in jwt format without signature?
have the token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
I want to get the information encoded by the previous format. It's possible? Without that you have to use some signature? Is there any tool in java that will allow you to do without signing?
The token is Base64url encoded. You can get content by decoding the token with a decoder. Here is an example of web-based decoder. You don't need the signature to decode it. When I try to decode the header and payload:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9
(note that this is without the signature)
I get:
{"alg":"HS256","typ":"JWT"}{"sub":"1234567890","name":"John Doe","admin":true}
You can look at this and this question for a Java-based approach. Look for solutions that handle encoded strings without padding.
