dpjo15650 2015-12-13 14:47
浏览 54
已采纳

JWT解码包括不需要的html标签

im usin the following php function to return the value of the 'uid' claim in the payload of a jwt:

function isLoggedIn($headers)
    {
        $ret = false;
        if (!empty($headers['Authorization']))
                {
                  $parts = explode('.', $headers['Authorization']);
                  echo base64_decode($parts[1]);
                  return 7; //currently set a 7 just function 
                }
    }

the string returned in 

    echo base64_decode($parts[1]);

has html tags included

    <br />"iss": "www.thetenticle.com",<br />"iat": "1449405778",<br />"nbf": "1449405838",<br />"exp": "1449492238",<br />"uid": "batman"<br />}

i dont want this because i need to find out what is in the value of 'uid'. what am i doing wrong?

ps i know there is more to handling a jwt than this, but for now i just need to get the id of the logged in in user.

i essentially need an array of claims 

</div>
  • 写回答

1条回答 默认 最新

  • douyo770657 2016-03-07 11:51
    关注

    From another answer on SO:

    The problem is related to the fact that the base64 alphabet is not URL-safe. In this particular case, your base64-encoded string contains a +, which is interpreted as a space.

    Code from php-jwt to safely decode the input:

    public static function urlsafeB64Decode($input) {
    $remainder = strlen($input) % 4;
    if($remainder) {
        $padlen = 4 - $remainder;
        $input .= str_repeat('=', $padlen);
    }
    return base64_decode(strtr($input, '-_', '+/'));
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 高价求中通快递查询接口
  • ¥15 解决一个加好友限制问题 或者有好的方案
  • ¥15 关于#java#的问题,请各位专家解答!
  • ¥15 急matlab编程仿真二阶震荡系统
  • ¥20 TEC-9的数据通路实验
  • ¥15 ue5 .3之前好好的现在只要是激活关卡就会崩溃
  • ¥50 MATLAB实现圆柱体容器内球形颗粒堆积
  • ¥15 python如何将动态的多个子列表,拼接后进行集合的交集
  • ¥20 vitis-ai量化基于pytorch框架下的yolov5模型
  • ¥15 如何实现H5在QQ平台上的二次分享卡片效果?