Last active
August 30, 2020 15:40
-
-
Save georgepadayatti/a034ba82a454224a595e2a80b02be883 to your computer and use it in GitHub Desktop.
Decoding RSA 256 JWT from keycloak in python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import base64 | |
| from codecs import encode | |
| import jwt | |
| from Crypto.PublicKey import RSA | |
| n = "<BASE64 RSA MODULUS>" | |
| e = "<BASE64 RSA EXPONENT>" | |
| # fixing the padding and base64 decoding | |
| n = base64.urlsafe_b64decode(n + "==") | |
| e = base64.urlsafe_b64decode(e) | |
| # bytes to integer | |
| n = int(encode(n, 'hex'), 16) | |
| e = int(encode(e, 'hex'), 16) | |
| # constructing RSA public key and exporting it in PEM format | |
| key = RSA.construct((n, e)) | |
| public_key = key.exportKey(format="PEM") | |
| encoded = "<JWT TOKEN>" | |
| # decoding the jwt token using the public key (remember to provide proper audience) | |
| decoded = jwt.decode(encoded, public_key, audience="account", algorithms='RS256') | |
| print(decoded) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment