Home > Enterprise >  jwt.io says Signature Verified even when key is not provided
jwt.io says Signature Verified even when key is not provided

Time:11-07

I signed a jwt in nodejs with the below snipet.

var jwtoken = jwt.sign({ email: '[email protected]', name: 'test' }, 'abcd');

I got the below token after signing

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAdGVzdC5jb20iLCJuYW1lIjoidGVzdCIsImlhdCI6MTYzNjE4MjYwOX0.07FXjm1lKEIiU_QOMEEOFzhsC0vtKt4PFoW-7YHHzyM

I wanted to verify this with enter image description here

Then the result, either 'signature' verified' or 'invalid signature', will be correct.

Every secret that you enter after that causes a recalculation of the signature and then it's always verified (with the new secret): enter image description here

But if you do it in the right order, a wrong secret causes an "invalid signature" result:

enter image description here

Page link:https//www.codepudding.com/Enterprise/182051.html

Prev:Detect wrong UTF8 character on string
Next:Generating CSV in Rails from crossed Model
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding