"Not enough segments" when seding a GET message with Bearer Token Authorization Header (flask_restful + flask_jwt_extended)

Andre Araujo picture Andre Araujo · Apr 26, 2020 · Viewed 10.8k times · Source

I got this error in Flask Application:

curl http://0.0.0.0:8080/ -H "Authorization: Bearer TGazPL9rf3aIftplCYDTGDc8cbTd"
{
  "msg": "Not enough segments"
}

Here a sample:

from flask import Flask
from flask_restful import Resource, Api
from flask_jwt_extended import JWTManager, jwt_required

app = Flask(__name__)
jwt = JWTManager(app)
api = Api(app)


class HelloWorld(Resource):
    @jwt_required
    def get(self):
        return {'hello': 'world'}


api.add_resource(HelloWorld, '/')

Console:

 * Serving Flask app "app.py" (lazy loading)
 * Environment: development
 * Debug mode: on
 * Running on http://0.0.0.0:8080/ (Press CTRL+C to quit)
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 890-265-009
127.0.0.1 - - [26/Apr/2020 02:02:32] "GET / HTTP/1.1" 422 -

I can't understand: What's wrong?

The exception has been thrown in other lib (line 183 in site-packages/jwt/api_jws.py):

  def _load(self, jwt):
        if isinstance(jwt, text_type):
            jwt = jwt.encode('utf-8')

        if not issubclass(type(jwt), binary_type):
            raise DecodeError("Invalid token type. Token must be a {0}".format(
                binary_type))

        try:
            signing_input, crypto_segment = jwt.rsplit(b'.', 1)
            header_segment, payload_segment = signing_input.split(b'.', 1)
        except ValueError:
            raise DecodeError('Not enough segments')

Answer

vimalloc picture vimalloc · Apr 26, 2020

The token you are trying to pass in (TGazPL9rf3aIftplCYDTGDc8cbTd)is not a valid JWT. A valid JWT has three segments separated by dots: <base64_encoded_header>.<base64_encoded_payload>.<signature>. You can read more about it here: https://jwt.io/introduction/