What is a JWT? How are they used? Find out in this post!
Justin Walsh
Homebrew also allows one to easily install coreutils on Linux, and WSL2.
Making brew install coreutils available in most developers coding environments.
Riccardo10
Hi Brian,
Very nice introduction to JWTs.
One quick question, is it possible to programmatically revoke or delete a jwt after a user has signed out of an application? Or better still if there has been inactivity for a period of time?
Thanks.
Thanks! I’ll get it updated!
I tried following steps in Linux. Although, header and payload are not tampered, signature and output doesn’t match. What am I missing?
token="eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoiSm9lIENvZGVyIn0.5dlp7GmziL2QS06sZgK4mtaqv0_xX4oFUuTDh1zHK4U"
signature=$(echo $token | cut -f 3 -d '.')
secret_key_in_hex=$(echo -n $signature'=' | basenc -d --base64url | hexdump -ve '/1 "%02x"')
headpay=$(echo $token | cut -f -2 -d '.')
echo -n $headpay | openssl dgst -sha256 -macopt hexkey:${secret_key_in_hex} -mac hmac -binary | basenc --base64url | sed 's/=//'