Decode the access token from JWT Format

1
votes

We are using nginx server for reverse proxying with openresty openid lua installed.... This means that every request has an Authorization header containing JWT token - access id and refresh token.

Now, what we need to do is decode the access token because I need the sub from the JWT token and log it on nginx server.

Is there a way to decode and log JWT? I looked into the openidc.lua file and I can see that it decodes the id token but I can't see where I can decode the access token.

Any help would be greatly appreciated.

2
luaoauth-2.0jwtdecodeopenid-connect

2 Answers

3
votes

This done the trick for me 

local jwt = require "resty.jwt"
local jwt_obj = jwt:load_jwt(res.access_token)
local cjson = require "cjson"
ngx.log(ngx.DEBUG, "res.access_token.sub=", cjson.encode(jwt_obj))
0
votes

A JWT token (or better said a JWS, a signed token) just consists of two Base64Url encoded JSON structures and a signature.

To see how it works, you an check your token on https://jwt.io

On that site you'll also find links to JWT frameworks for different languages, also for Lua. But to read the contents of a JWT/JWS you just need a Base64Url decoder and a JSON derserializer.