diff --git a/kong/plugins/jwt/jwt_parser.lua b/kong/plugins/jwt/jwt_parser.lua index 045f72dcd2fb..e22b6b11f621 100644 --- a/kong/plugins/jwt/jwt_parser.lua +++ b/kong/plugins/jwt/jwt_parser.lua @@ -6,6 +6,7 @@ -- @see https://github.com/x25/luajwt local json = require "cjson" +local b64 = require "ngx.base64" local openssl_digest = require "resty.openssl.digest" local openssl_hmac = require "resty.openssl.hmac" local openssl_pkey = require "resty.openssl.pkey" @@ -26,8 +27,8 @@ local assert = assert local tostring = tostring local setmetatable = setmetatable local getmetatable = getmetatable -local encode_base64 = ngx.encode_base64 -local decode_base64 = ngx.decode_base64 +local encode_base64url = b64.encode_base64url +local decode_base64url = b64.decode_base64url --- Supported algorithms for signing tokens. @@ -126,8 +127,7 @@ local alg_verify = { -- @param input String to base64 encode -- @return Base64 encoded string local function base64_encode(input) - local result = encode_base64(input, true) - result = result:gsub("+", "-"):gsub("/", "_") + local result = encode_base64url(input) return result end @@ -143,8 +143,7 @@ local function base64_decode(input) input = input .. rep("=", padlen) end - input = input:gsub("-", "+"):gsub("_", "/") - return decode_base64(input) + return decode_base64url(input) end @@ -155,14 +154,15 @@ end -- @param len Number of parts to retrieve -- @return A table of strings local function tokenize(str, div, len) - local result, pos = {}, 0 + local result, idx, pos = {}, 1, 0 local iter = function() return find(str, div, pos, true) end for st, sp in iter do - result[#result + 1] = sub(str, pos, st-1) + result[idx] = sub(str, pos, st - 1) + idx = idx + 1 pos = sp + 1 len = len - 1 if len <= 1 then @@ -170,7 +170,7 @@ local function tokenize(str, div, len) end end - result[#result + 1] = sub(str, pos) + result[idx] = sub(str, pos) return result end