JWT parsing issue

[rleeden]

I think I'm facing a similar issue to 3004911401

2025-07-01 10:32:04,927 [    INFO] stravabackup.__main__: Using the refresh token to get an access token
2025-07-01 10:32:04,928 [    INFO] stravalib.protocol.ApiV3: POST 'https://www.strava.com/oauth/token' with params {'client_id': '<REDACTED>', 'client_secret': '>REDACTED>', 'refresh_token': '<REDACTED>', 'grant_type': 'refresh_token'}
2025-07-01 10:32:05,106 [   ERROR] stravabackup: Failed to parse provided JWT 'eyJ<REDACTED>.<REDACTED>.<REDACTED>' - ignoring it
Traceback (most recent call last):
  File "/usr/local/strava-backup-env/lib/python3.10/site-packages/stravabackup/__init__.py", line 146, in _validate_jwt
    data = json.loads(base64.b64decode(payload, validate=True))
  File "/usr/local/python310/lib/python3.10/base64.py", line 86, in b64decode
    raise binascii.Error('Non-base64 digit found')
binascii.Error: Non-base64 digit found
2025-07-01 10:32:06,243 [   ERROR] stravabackup: Failed to login with email + password
Traceback (most recent call last):
  File "/usr/local/strava-backup-env/lib/python3.10/site-packages/stravabackup/__init__.py", line 180, in _make_client
    return WebClient(
  File "/usr/local/strava-backup-env/lib/python3.10/site-packages/stravaweblib/webclient.py", line 94, in __init__
    self._login_with_password(email, password)
  File "/usr/local/strava-backup-env/lib/python3.10/site-packages/stravaweblib/webclient.py", line 185, in _login_with_password
    raise stravalib.exc.LoginFailed("Couldn't log in to website, check creds")
stravalib.exc.LoginFailed: Couldn't log in to website, check creds
Traceback (most recent call last):
  File "/usr/local/bin/strava-backup", line 8, in <module>
    sys.exit(main())
  File "/usr/local/strava-backup-env/lib/python3.10/site-packages/stravabackup/__main__.py", line 122, in main
    sb = StravaBackup(
  File "/usr/local/strava-backup-env/lib/python3.10/site-packages/stravabackup/__init__.py", line 108, in __init__
    self.client = self._make_client(access_token, email, password, self._validate_jwt(jwt))
  File "/usr/local/strava-backup-env/lib/python3.10/site-packages/stravabackup/__init__.py", line 188, in _make_client
    raise AuthError("Failed to log into account")
stravalib.exc.AuthError: Failed to log into account

I followed your suggesting of running my jwt token throught base64 -d in bash I get,

{"signing_key":"v1","encryption_key":"v1","iv":"...","alg":"HS256"}base64: invalid input

Seperating out the three elements from the jwt, I get valid decoded text from the first element, and the second element,

I understand the third element is encoded with base64url, so replacing - with + and padding it with a =, it's also accepted by base64 -d in bash

Any ideas?

[rleeden]

I figured out the problem - the length of the second element of my jwt is 240 characters. Which is a multiple of 240, so the following code:

payload += "=" * (4 - len(payload) % 4)

adds 4 characters - which is invalid. Changing this to

payload += "=" * (-len(payload) % 4)

fixes this