如何在 POSTMAN 中解码 jwt 令牌? [英] How to decode jwt token in POSTMAN?

问题描述

我想解码使用 Postman 收到的 jwt 令牌并在 REST API 中实现它.我怎样才能做到这一点?我看到人们发布了解码 jwt 令牌的代码(参考:

hmacSHA256 不是一种加密算法，而是一种散列算法，因此无法对其进行解码，因为散列是单向函数.

因为最后一部分是在表格中

HMACSHA256 of ( base64(header) + "." + base64(body) )

您可以尝试创建它并将两者等同起来

I want to decode jwt token that I received using Postman and implement it in REST API. How can I do that? I saw people posted code to decode the jwt token (reference: How to decode jwt token in javascript without using a library?) but I dont understand how to do it in postman? What url needed to decode the jwt? What headers, authorisation needed?

解决方案

Postman supports cryptojs library : https://learning.postman.com/docs/writing-scripts/script-references/postman-sandbox-api-reference/#using-external-libraries

Add below example to postman test script:

let jwt = `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ0b3B0YWwuY29tIiwiZXhwIjoxNDI2NDIwODAwLCJodHRwOi8vdG9wdGFsLmNvbS9qd3RfY2xhaW1zL2lzX2FkbWluIjp0cnVlLCJjb21wYW55IjoiVG9wdGFsIiwiYXdlc29tZSI6dHJ1ZX0.UsrGn95rk5DStcC_WwIr3WIv5rHe2IApX56I58l8uyo`

a = jwt.split('.');


//a.forEach(function (val) {
    var words = CryptoJS.enc.Base64.parse(a[1]);
    var textString = CryptoJS.enc.Utf8.stringify(words);

    console.log(textString)
//})

Output:

The hmacSHA256 is not an encryption algorithm but an Hashing algorithm so there is no way to decode it as hashing is one-way function.

as the last part is in the form

HMACSHA256 of ( base64(header) + "." + base64(body) )

you can try creating it and equating both are equal

这篇关于如何在 POSTMAN 中解码 jwt 令牌?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！