use JWT payload before verification

2
votes

I'm integrating JWT into my service that will be used by mobile clients. The idea is to include user id in the payload and sign in with user's private key on the client. Then, on the service side, extract the user id and verify the signature using the public key. It's seems quite a few people do this, based on number of questions how to extract JWT payload before verifying it. But on the other hand often it is stated that 'Always verify the signature before you trust any information in the JWT'.

What is a correct way to implement this? Should I include user id and signature into payload and then sign it with client private key?

3
jwt

3 Answers

2
votes

Using asymmetric RSA private/public key algorithm, you should verify your token before accessing your payload. With a pub key you can both verify token and decode payload:

  1. Client Send user credentials { email: "[email protected]", password:"secret" } by POST request to service
  2. If the credentials match sign a JWT token with private key to create token and add user_id to payload.

Your server or authentication service who should hold the private key. Not your client.

  1. Send JWT token as response back to client.
  2. Client uses Public key to verify and decode your token.
  3. Access your payload claims(user_id).

Using symmetric HMAC For single key verification(default algorithm) you can decode your payload from base64 in client without the need of verifying your token in client side:

  1. Client Send user credentials { email: "[email protected]", password:"secret" } by POST request to service
  2. If the credentials match sign a JWT token with JWT secret to create token and add user_id to payload.
  3. Send JWT token as response back to client.
  4. Decode your payload from base64 and access your claims(user_id) in client side.
1
votes

JWT authentication is used usually in a two phase authentication logic. First, you give your user id and password in a basic auth request over SSL. If it is verfied by the service, the service creates a JWT access token and send it back to the client. Second, this JWT can be used by the client for authentication (over SSL) until its lifetime lasts. Not really necessary making a signature for the payload with asymmetric method. You can use symmetric key that quicker, because you do not have to decrypt it on the client.

You can find more details e.g. on this site.

1
votes

Your authentication process is absolutely valid. It is needed to extract the userid claim from payload to locate the matching public key. Only after verifying the signature you can "trust" the issuer.

In the usual authentication scheme for web sites (e.g login with username/pwd), tokens are issued by server using a unique secret key, so the server does not need to inspect the payload to select the verifying key. But when the private key is owned by clients, in yoyr case the mobile device, each jwt have a different signing key and therefore your verification process is not the same than the usual one