From f0e66a465103a3e64b19d8e64f6603a3fd08dece Mon Sep 17 00:00:00 2001
From: Carson McManus
Date: Thu, 10 Aug 2023 08:49:37 -0400
Subject: [PATCH] fix jwt decoding, fixes #299 (#300)
---
 steamguard/src/accountlinker.rs | 11 +++++++++--
 steamguard/src/token.rs | 11 ++++++++++-
 2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/steamguard/src/accountlinker.rs b/steamguard/src/accountlinker.rs
index e09f26b..823666a 100644
--- a/steamguard/src/accountlinker.rs
+++ b/steamguard/src/accountlinker.rs
@@ -5,6 +5,7 @@ use crate::steamapi::twofactor::TwoFactorClient;
 use crate::token::TwoFactorSecret;
 use crate::transport::Transport;
 use crate::{steamapi::EResult, token::Tokens, SteamGuardAccount};
+use anyhow::Context;
 use base64::Engine;
 use log::*;
 use thiserror::Error;
@@ -41,7 +42,10 @@ where
 pub fn link(&mut self) -> anyhow::Result {
 let access_token = self.tokens.access_token();
- let steam_id = access_token.decode()?.steam_id();
+ let steam_id = access_token
+ .decode()
+ .context("decoding access token")?
+ .steam_id();
 let mut req = CTwoFactor_AddAuthenticator_Request::new();
 req.set_authenticator_type(1);
@@ -49,7 +53,10 @@ where
 req.set_sms_phone_id("1".to_owned());
 req.set_device_identifier(self.device_id.clone());
- let resp = self.client.add_authenticator(req, access_token)?;
+ let resp = self
+ .client
+ .add_authenticator(req, access_token)
+ .context("add authenticator request")?;
 if resp.result != EResult::OK {
 return Err(resp.result.into());
diff --git a/steamguard/src/token.rs b/steamguard/src/token.rs
index 73c5085..b620518 100644
--- a/steamguard/src/token.rs
+++ b/steamguard/src/token.rs
@@ -160,7 +160,7 @@ fn decode_jwt(jwt: impl AsRef) -> anyhow::Result {
 ensure!(parts.len() == 3, "Invalid JWT");
 let data = parts[1];
- let bytes = base64::engine::general_purpose::URL_SAFE.decode(data)?;
+ let bytes = base64::engine::general_purpose::URL_SAFE_NO_PAD.decode(data)?;
 let json = String::from_utf8(bytes)?;
 let jwt_data: SteamJwtData = serde_json::from_str(&json)?;
 Ok(jwt_data)
@@ -259,4 +259,13 @@ mod tests {
 assert_eq!(data.sub, "76561199155706892");
 assert_eq!(data.jti, "18C5_22B3F431_CDF6A");
 }
+
+ #[test]
+ fn test_decode_jwt_2() {
+ let sample: Jwt = "eyAidHlwIjogIkpXVCIsICJhbGciOiAiRWREU0EiIH0.eyAiaXNzIjogInI6MTRCM18yMkZEQjg0RF9BMjJDRCIsICJzdWIiOiAiNzY1NjExOTk0NDE5OTI5NzAiLCAiYXVkIjogWyAid2ViIiwgIm1vYmlsZSIgXSwgImV4cCI6IDE2OTE3NTc5MzUsICJuYmYiOiAxNjgzMDMxMDUxLCAiaWF0IjogMTY5MTY3MTA1MSwgImp0aSI6ICIxNTI1XzIyRkRCOUJBXzZBRDkwIiwgIm9hdCI6IDE2OTE2NzEwNTEsICJydF9leHAiOiAxNzEwMDExNjg5LCAicGVyIjogMCwgImlwX3N1YmplY3QiOiAiMTA0LjI0Ni4xMjUuMTQxIiwgImlwX2NvbmZpcm1lciI6ICIxMDQuMjQ2LjEyNS4xNDEiIH0.ncqc5TpVlD05lnZvy8c3Bkx70gXDvQQXN0iG5Z4mOLgY_rwasXIJXnR-X4JczT8PmZ2v5cisW5VRHAdfsz_8CA".to_owned().into();
+ let data = sample.decode().expect("Failed to decode JWT");
+
+ assert_eq!(data.aud, vec!["web", "mobile"]);
+ assert_eq!(data.sub, "76561199441992970");
+ }
 }
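Review bot: `decode_jwt` reads only `parts[1]` in the lines shown and never looks at the signature segment, so the claims it returns are unverified, and nothing in the hunk tells a caller that. A doc comment on the function would cover it, for example `/// Parses the JWT payload without verifying the signature; the claims must not be used for trust decisions.` The switch to `URL_SAFE_NO_PAD` matches the unpadded base64url that JWTs use, but as far as I know that engine rejects input carrying `=` padding, so a short comment on the `decode` call such as `// JWT segments are unpadded base64url (RFC 7515)` would record why the engine is strict. The function's signature and the line that builds `parts` are outside the hunk.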
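Review bot: The `sample` string in `test_decode_jwt_2` looks like a captured access token rather than a constructed fixture. It has a full signature segment, and its payload decodes to account-specific claims (`sub`, `jti`, `ip_subject`, `ip_confirmer`) with an `exp` of 1691757935, about a day after the commit date. If it was issued to a real account, it was still inside its validity window when committed, and it remains in the repository history along with the address claims. A hand-built token with placeholder claim values and a dummy third segment exercises the same unpadded-payload path, since the decoder only reads the middle segment in the lines shown. A comment above the test such as `// constructed token, not issued by Steam` would make the fixture's origin explicit.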