Cannot decrypt Application Token

Hello, I am trying to obtain a new application token (self-hosted Taiga). I followed the REST API documentation:

  1. Requested auth_code with /api/v1/application-tokens/authorize
  2. Validated auth_code with /api/v1/application-tokens/validate
    As explained in the documentation, I was expecting to get a cyphered_token:

{
"cyphered_token": "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiQTEyOEtXIn0.E-Ee1cRgG0JEd90yJu-Dgl_vwKHTHdPy2YHRbCsMvfiJx0OvR12E8g.kGwJPnWQJecFPEae.ebQtpRNPbKh6FBS-LSUhw1xNARl0Q5loCO4fAk00LHFqcDpAwba7LHeR3MPx9T9LfA.KM-Id_041g8OdWaseGyV8g"
}

Instead I get this:
{"token": "eyJhcHBfdG9rZW5faWQiOjN9:1rmsWP:2APPsxGuloGhuvlCBbgFAVgKxnRJz9vhkul9nuUTTV0"}

But it does not seem to be a valid encrypted token, so decryption fails:

    token=JWE().decrypt(cyphered_token, keys=[sym_key])
  File "/home/superuser/.local/lib/python3.9/site-packages/jwkest/jwe.py", line 843, in decrypt
    jwe = JWEnc().unpack(token)
  File "/home/superuser/.local/lib/python3.9/site-packages/jwkest/jwt.py", line 67, in unpack
    part = split_token(token)
  File "/home/superuser/.local/lib/python3.9/site-packages/jwkest/jwt.py", line 16, in split_token
    raise BadSyntax(token,
jwkest.BadSyntax: expected token to contain at least one dot: b'eyJhcHBfdG9rZW5faWQiOjN9:1rmsWP:2APPsxGuloGhuvlCBbgFAVgKxnRJz9vhkul9nuUTTV0'

What am I doing wrong?
Thank you for your help
Max

Hi @superuser866


>>> from django.core import signing
>>> token = signing.dumps({"app_token_id": 1})
>>> token
'eyJhcHBfdG9rZW5faWQiOjF9:1rn0eN:DcXHToR3QgFP-jX4llR9xsDwRGZXlcEHTwWQI6lIOv8'
>>> signing.loads(token)
{'app_token_id': 1}

This is how this token is generated and here is the documentation for the django.core.signing module.

I hope this can help.

This token is to authorize some external app to use Taiga as a login service (like in https://seed.taiga.io/); maybe this is not your use case.
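
The two token shapes seen in this thread can be told apart before any decryption is attempted. The following is an added example, not part of any post here and not Taiga's own code: it uses only the Python standard library, `inspect_token` is a hypothetical helper name, and it decodes the readable parts without verifying any signature.

```python
import base64
import json
import zlib

# Alphabet Django uses for the base62 timestamp in signed values.
BASE62 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def b64url_decode(text):
    """Decode unpadded URL-safe base64 (used by JWE and Django signing)."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def inspect_token(token):
    """Classify a token by shape and decode its readable parts.

    Nothing is verified or decrypted: this only shows which library
    the token belongs to before it is handed to one.
    """
    try:
        if token.count(".") == 4 and ":" not in token:
            # JWE compact serialization: header.key.iv.ciphertext.tag
            header = json.loads(b64url_decode(token.split(".")[0]))
            return {"format": "jwe-compact", "header": header}
        if token.count(":") == 2:
            # django.core.signing.dumps(): payload:timestamp:signature
            payload, stamp, _signature = token.split(":")
            compressed = payload.startswith(".")  # leading dot = zlib data
            raw = b64url_decode(payload[1:] if compressed else payload)
            if compressed:
                raw = zlib.decompress(raw)
            issued = 0
            for char in stamp:  # base62 big-endian Unix timestamp
                issued = issued * 62 + BASE62.index(char)
            return {"format": "django-signing",
                    "payload": json.loads(raw), "issued_at": issued}
    except (ValueError, zlib.error):
        pass  # right separators, but the parts do not decode
    return {"format": "unknown"}


# Token value copied from the question above.
RETURNED = "eyJhcHBfdG9rZW5faWQiOjN9:1rmsWP:2APPsxGuloGhuvlCBbgFAVgKxnRJz9vhkul9nuUTTV0"

if __name__ == "__main__":
    print(inspect_token(RETURNED))
```

A `django-signing` result means the value is signed but not encrypted: the payload is readable by anyone, and only `signing.loads` with the server's secret key can check its integrity.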

Hi David, I was trying to obtain a token to use to authenticate to Taiga’s REST API inside a Perl script. Am I following the wrong procedure?
Thank you very much
Max

For a common script, use the “Standard token authentication” process. You only need username/password credentials from an existing user.