jasonjoh/php-tutorial

getUserEmailFromIdToken() in oauth.php didn't follow the proper reverse process for id_token

tpt-britto opened this issue · 2 comments

Although the function works fine...

but I came across a blog reference, "https://developer.mobileconnect.io/content/jwt-idtoken", specifying that the id_token must be corrected by replacing "-" with "+" and "_" with "/" and appending the padding "=" symbol based on the JWT token size of the second part of the id_token, after $token_parts = explode(".", $idToken);

$extrapadds = $jwtTokenSize % 4;

Actually, whether or not you need to do that depends on the method you use to base64-decode the data. The data is in a "url-safe" version of base64, which is why you have the characters switched and the = removed. As it happens, base64_decode in PHP handles url-safe base64 internally, so you don't have to modify it before calling it.

Thanks for the clear explanation, and sorry for the issue entry.
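The conversion discussed in this thread, written out explicitly as an added example (not code from the tutorial or from any commenter), so the result does not depend on how a particular decoder treats "-", "_" and missing padding. The helper names `base64UrlDecode` and `jwtPayload`, the `email` claim and the sample token are assumptions constructed for illustration.

```php
<?php
// Added example; base64UrlDecode() and jwtPayload() are hypothetical names.
function base64UrlDecode(string $input): string
{
    // Map the URL-safe alphabet back to the standard one.
    $b64 = strtr($input, '-_', '+/');

    // Re-append the stripped '=' padding. A remainder of 1 is never valid.
    $remainder = strlen($b64) % 4;
    if ($remainder === 1) {
        throw new InvalidArgumentException('invalid base64url length');
    }
    if ($remainder > 0) {
        $b64 .= str_repeat('=', 4 - $remainder);
    }

    // Strict mode returns false on characters outside the base64 alphabet.
    $decoded = base64_decode($b64, true);
    if ($decoded === false) {
        throw new InvalidArgumentException('invalid base64url data');
    }
    return $decoded;
}

function jwtPayload(string $idToken): array
{
    // An id_token is header.payload.signature; the claims are the second part.
    $tokenParts = explode('.', $idToken);
    if (count($tokenParts) !== 3) {
        throw new InvalidArgumentException('expected three dot-separated parts');
    }
    $claims = json_decode(base64UrlDecode($tokenParts[1]), true);
    if (!is_array($claims)) {
        throw new InvalidArgumentException('payload is not a JSON object');
    }
    return $claims;
}

// Constructed sample token (the signature part is a placeholder, not a real one).
$encode = fn(string $s): string => rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
$claims = ['email' => 'user@example.com', 'note' => '???>>>'];
$idToken = $encode('{"typ":"JWT"}') . '.' . $encode(json_encode($claims)) . '.sig';

echo jwtPayload($idToken)['email'], PHP_EOL;
```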