Parse a bearer token using Flow

svarukala · ‎01-08-2020

A simple button (manual) flow that can parse a bearer token to extract details like:

Issuer
AppID
Audience
TokenSubject
TokenSender etc.

Note that a HTTP based flow won't execute when you pass a bearer token in the Authorization header. You can send it as a normal POST body or a parameter instead and use that as a layer of security so that Flow can validate the token and only then execute.

liansc · ‎01-14-2021

Hi, I incorporated this in one of my flows to extract, decode, and parse a JWT and it works great, however I encounter an error with certain JWT values. After decodeBase64, I get an Unexpected character at the end of the nbf claim, so the ParseJSON action produces an error:

The 'content' property of actions of type 'ParseJson' must be valid JSON. The provided value cannot be parsed: 'Unexpected character encountered while parsing number: �. Path 'nbf', line 1, position 426.'.

The output of decodeBase64() is as follows, and it doesn't have a closing brace:

{"iat":xxx,"ver":"xxx","appid":"xxx","sub":"xxx","appidacr":"x","acr":"x","tid":"xxx","sender":"xxx","oid":"xxx","iss":"xxx","aud":"xxx","exp":1610614832,"nbf":161061393�

In other cases, it works fine. Any idea what could be wrong? Thanks.

liansc · ‎01-14-2021

Figured it out - decodeBase64() expects the input's length to be divisible by 4, so as a workaround, I just appended (one or more) '=' characters to my token before decoding. Works ok now.

svarukala · ‎01-19-2021

@liansc looks like an edge case scenario, but good tshooting.