0

My Controller looks like this:

    [Route("Test/{token}")]
    public ActionResult Test(string token)
    {
        try
        {
            return this.View(this.jwtService.DecryptJwtToken(token));
        }
        catch (SecurityTokenInvalidSignatureException)
        {
            return this.View("Error");
        }
    }

when i type http://localhost:52006/Test/ddd im hitting my method. But when i use something like this:

http://localhost:52006/Test/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxIiwianRpIjoiMTUiLCJleHAiOjE1NTY3OTc1MDh9.iza_zuDL8aB7osanbs76rtVzTiBpemNwfNin5zljYwA

I get 404 Not found. I bet its because JWT token have dots in his body. My question is, how to pass JWT token to my ASP MVC method by routing?

michasaucer
  • 4,562
  • 9
  • 40
  • 91
  • 4
    you should add the token to the header as opposed to the route – bilpor Apr 30 '19 at 12:56
  • Thanks, but i dont know what r you talking about. Could you explain for me, what header is? – michasaucer Apr 30 '19 at 12:57
  • It's a big subject. Here's a link to an example https://www.codeproject.com/Articles/1203978/JWT-Security-Part-Secure-MVC-application – bilpor Apr 30 '19 at 12:59
  • Ok, i get it, but there is option to pass it as parameter in my routing? – michasaucer Apr 30 '19 at 13:01
  • 1
    If routing does not allow for dot (`.`) then here is quick fix for you that you can make one pattern to accept your jwt token and then send it to server. So the pattern like => `http://localhost:52006/Test?token=$$..................$$` where `$$` is pattern for your token and dots between patterns replace with token.. and then server side just read query string value and extract token between `$$` and `$$`, got it? – er-sho Apr 30 '19 at 13:06
  • 1
    @er-sho replacing dots by `&&` works, thanks – michasaucer Apr 30 '19 at 13:16
  • @michasaucer, glad to hear that it works :) – er-sho Apr 30 '19 at 13:30
  • @GregH `JWT` spec the string is `Base64Url encoded` and a dot `.` is "fine" for urls... – EdSF Apr 30 '19 at 17:36
  • I haven't tried the [suggestion of simply adding a `/`](https://stackoverflow.com/a/13397417/304683) if you _can't_ put the `JWT` token in header as previously suggested.. – EdSF Apr 30 '19 at 17:40
  • @EdSF its not in mvc, because after `dot` server looking for file etc in directory. `$$` works great. Its not too elegant, but works ok when you are good with preprocessing your token – michasaucer Apr 30 '19 at 18:41

0 Answers0