Problem with JWT Signing

I am having a little problem with getting JWT verified and I am not sure what it is I am doing wrong.

I am using the Java version of JWT (GitHub - auth0/java-jwt: Java implementation of JSON Web Token (JWT)).

My backend code is as follows:

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import java.util.Base64;
import java.util.Date;

// The HMAC key is the base64-decoded extension secret
Algorithm algorithm = Algorithm.HMAC256(Base64.getDecoder().decode("the EBS Secret"));
String token = JWT.create()
    .withClaim("pubsub_perms", nestedClaim)
    .withClaim("exp", new Date(System.currentTimeMillis() + 60000))
    .withClaim("user_id", channelID) // channelID is in string format not int
    .withClaim("token", "external")
    .sign(algorithm).toString();

Example payload data from above:

{
  "role": "external",
  "user_id": "11111111",
  "exp": 1509880,
  "pubsub_perms": {
    "send": [
      "*"
    ],
    "listen": [
      "broadcast"
    ]
  },
  "channel_id": "111111111111"
}

I then PUT to the Twitch API. Example PUT:
PUT /extensions/extensionid/0.0.1/oauth_receipt?channel_id=channelid HTTP/1.1
HOST: api.twitch.tv
accept: application/vnd.twitchtv.v5+json
content-type: application/json
client-id: extensionid
authorization: Bearer token_generated_from_above
content-length: 0

The endpoint responds with {"error":"Unauthorized","status":401,"message":"authentication failed"}

Your payload is wrong for this request.

(PHP)

            $payload = array(
                'exp' => time() + 60,
                'user_id' => '15185913',
                'role' => 'external',
            );

Is the correct payload.

  • exp - Time in seconds (and add a bit)
  • user_id - the UserID of the person who OWNS the extension, as a string
  • role - external is the only value
1 Like
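The signing step and the payload shape discussed in this thread, as an added Python example that is not code from either post: it signs and verifies an HS256 token with the base64-decoded secret and lists where a payload departs from the three-claim shape given in the answer. The secret is a constructed stand-in, the function names are hypothetical, and the one-hour bound on `exp` is an assumption of this example.

```python
import base64, hashlib, hmac, json

# Constructed stand-in for the base64 extension secret (not a real secret).
SAMPLE_SECRET_B64 = base64.b64encode(b"constructed-demo-secret").decode()
EXPECTED_KEYS = {"exp", "user_id", "role"}  # payload shape from the answer

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(signing_input: str, secret_b64: str) -> bytes:
    key = base64.b64decode(secret_b64)  # the HMAC key is the decoded bytes
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def sign_hs256(payload: dict, secret_b64: str) -> str:
    header = {"alg": "HS256", "typ": "JWT"}
    parts = [_b64url(json.dumps(p, separators=(",", ":")).encode())
             for p in (header, payload)]
    signing_input = ".".join(parts)
    return signing_input + "." + _b64url(_mac(signing_input, secret_b64))

def verify_hs256(token: str, secret_b64: str) -> dict:
    head, body, sig = token.split(".")
    # Pin the algorithm before trusting anything else in the token.
    if json.loads(_b64url_decode(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    # Constant-time comparison of the recomputed and presented signatures.
    if not hmac.compare_digest(_mac(f"{head}.{body}", secret_b64),
                               _b64url_decode(sig)):
        raise ValueError("signature mismatch")
    return json.loads(_b64url_decode(body))

def payload_differences(payload: dict, now: int) -> list:
    """List where a payload departs from the shape given in the answer."""
    diffs = [f"unexpected claim: {k}" for k in sorted(set(payload) - EXPECTED_KEYS)]
    diffs += [f"missing claim: {k}" for k in sorted(EXPECTED_KEYS - set(payload))]
    if "user_id" in payload and not isinstance(payload["user_id"], str):
        diffs.append("user_id is not a string")
    if payload.get("role", "external") != "external":
        diffs.append("role is not 'external'")
    exp = payload.get("exp")
    # Assumed bound: exp is Unix seconds, later than now, within one hour.
    if isinstance(exp, int) and not now < exp < now + 3600:
        diffs.append("exp is not a near-future time in seconds")
    return diffs
```

Running `payload_differences` on a payload before signing it shows the mismatch locally instead of as a 401 from the API.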