Private/Utilities/Get-DecodedJWT.ps1
|
function Get-DecodedJWT { <# .DESCRIPTION Decodes a JWT token. This was taken from link below. Thanks to Vasil Michev. .LINK https://www.michev.info/Blog/Post/2140/decode-jwt-access-and-id-tokens-via-powershell #> [cmdletbinding()] param( [Parameter(Mandatory = $True)] [string]$Token ) #Validate as per https://tools.ietf.org/html/rfc7519 #Access and ID tokens are fine, Refresh tokens will not work if (-not $Token.Contains(".") -or -not $Token.StartsWith("eyJ")) { Write-Error "Invalid token" -ErrorAction Stop } $tokenheader = $Token.Split(".")[0].Replace('-', '+').Replace('_', '/') #Fix padding as needed, keep adding "=" until string length modulus 4 reaches 0 while ($tokenheader.Length % 4) { $tokenheader += "=" } #Payload $tokenPayload = $Token.Split(".")[1].Replace('-', '+').Replace('_', '/') #Fix padding as needed, keep adding "=" until string length modulus 4 reaches 0 while ($tokenPayload.Length % 4) { $tokenPayload += "=" } $tokenByteArray = [System.Convert]::FromBase64String($tokenPayload) $hashTable = ([System.Text.Encoding]::ASCII.GetString($tokenByteArray) | ConvertFrom-Json -AsHashtable) $hashTable["expirationDateTime"] = ([DateTime]('1970,1,1')).AddSeconds($hashTable["exp"]) $hashTable["access_token"] = $Token Write-Output $hashTable } |