2

I am somewhat new to python and have never used it before to verify jwt tokens.

I'm writing a lambda function. I'm sure the issue is something simple but can't seem to get around it.

I keep getting this error:

{
  "errorType": "JWTError",
  "errorMessage": "Error decoding token headers.",
  "stackTrace": [
    "  File \"/var/task/index.py\", line 43, in handler\n    claims = token_verifier(keys, token)\n",
    "  File \"/var/task/index.py\", line 74, in token_verifier\n    headers = jwt.get_unverified_headers(token)\n",
    "  File \"/var/task/jose/jwt.py\", line 193, in get_unverified_headers\n    return get_unverified_header(token)\n",
    "  File \"/var/task/jose/jwt.py\", line 173, in get_unverified_header\n    raise JWTError('Error decoding token headers.')\n"
  ]
}

I am creating a virtual envrionment on my Mac for 3.7 and have a pretty simple requirements.txt file:

python-jose
configparser
ecdsa
future
pyasn1
rsa
six
urllib3

My code blows up on this 1st line:

    headers = jwt.get_unverified_headers(token)
    kid = headers['kid']

...

It doesn't matter what the actual token value is, it's obviously an issue with the way I'm using the libraries. Probably some incompatibility. I've googled and have not seen anyone else having this issue so it must be something really stupid I'm doing :)

Can someone please help? Thanks.

Mike
  • 763
  • 2
  • 12
  • 25
  • Could it be a file encoding issue? e.g. the input is UTF-8 and the code expects ASCII (or the other way around, or some other encoding altogether). – norok2 Jan 29 '19 at 12:08
  • What norok2 said. Have a look through this GH issue (https://github.com/jpadilla/pyjwt/issues/319), maybe it applies to your situation as well? – Milan Cermak Jan 29 '19 at 13:17
  • Thanks. Still trying to figure it out. Not sure it's an encoding issue but I'll keep trying some things. I paste the token in jwt.io and it has no trouble at all decoding it and showing me the headers in plain text. This is frustrating. – Mike Jan 30 '19 at 01:51
  • As expected, easily fixable issue on my end. I was passing in an invalid string. Working as expected. – Mike Feb 06 '19 at 15:34

1 Answers1

1

The error is coming because the structure of your token is invalid. The token should be in the form of this abc.abc.abc. Header, Payload and Signature separated by 3 dots.

Abhishek Balani
  • 3,827
  • 2
  • 24
  • 34
  • 1
    You are correct. I understood the format the token needed to be in, but I had extra characters in there and didn't realize it. But, in the end, it was my fault and the token was bad. Thanks! – Mike Mar 19 '19 at 10:40