TypeError: the JSON object must be str, bytes or bytearray, not OrderedDict #106

Closed
JulianGR opened this issue Apr 3, 2024 · 0 comments
Hi,

Similarly to #21, I get the following error when running the tool:

```
[+] resource_access = JSON object:
Traceback (most recent call last):
  File "C:\[redacted]\jwt_tool\jwt_tool.py", line 2034, in <module>
    rejigToken(headDict, paylDict, sig)
  File "C:\[redacted]\jwt_tool\jwt_tool.py", line 1292, in rejigToken
    comparestamps, expiredtoken = dissectPayl(paylDict)
                                  ^^^^^^^^^^^^^^^^^^^^^
  File "C:\[redacted]\jwt_tool\jwt_tool.py", line 1196, in dissectPayl
    if type(castInput(paylDict[claim][subclaim])) == str:
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\[redacted]\jwt_tool\jwt_tool.py", line 588, in castInput
    jsonInput = json.loads(newInput)
                ^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\[redacted]\AppData\Local\Programs\Python\Python312\Lib\json\__init__.py", line 339, in loads
    raise TypeError(f'the JSON object must be str, bytes or bytearray, '
TypeError: the JSON object must be str, bytes or bytearray, not OrderedDict
```

I cannot provide the full JWT token due to NDAs, but the part of the JWT that produces such behaviour is the following, in the body of the JWT:

```
...
    "typ": "Bearer",
    "session_state": "6db1xxxx34ab4",
    "allowed-origins": [
        "*"
    ],
    "realm_access": {
        "roles": [
            "admin_role",
            "xxxx"
        ]
    },
    "resource_access": {
        "realm-management": {
            "roles": [
                "mxxxxers"
            ]
        },
        "account": {
            "roles": [
                "maxxxxunt",
                "mxxxxnks",
                "vxxxx"
            ]
        }
    },
    "scope": "email profile",
    "sid": "6dxxxxxxab4",
...
```

As you can see, the problematic value is `resource_access`, since the JWT contains

```
 "resource_access": {
        "realm-management": {
        },
        "account": {
        }
    },
```

********************* SOLUTION ***************************:

I've fixed the issue, similarly to #21, by changing, in line 588

from

```
jsonInput = json.loads(newInput)
```

to

```
jsonInput = json.dumps(newInput)
```

Perhaps the tool could already include this change =)
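
The failure reported above, reproduced on a constructed token, together with one type-aware way to handle nested claims. This is an added example, not part of the original issue and not jwt_tool's own code; `cast_claim`, `classify_subclaims`, `naive_cast_fails` and the sample payload are hypothetical names and constructed data.

```python
import base64
import json
from collections import OrderedDict

# Constructed payload and token, modelled on the Keycloak-style claims in the report.
SAMPLE_PAYLOAD = {
    "typ": "Bearer",
    "resource_access": {"realm-management": {"roles": ["role-a"]},
                        "account": {"roles": ["role-b", "role-c"]}},
    "scope": "email profile",
}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

TOKEN = ".".join(b64url(json.dumps(part).encode())
                 for part in ({"alg": "HS256", "typ": "JWT"}, SAMPLE_PAYLOAD)) + ".c2ln"

def decode_payload(token: str) -> OrderedDict:
    """Decode the payload segment of a JWT without verifying the signature."""
    segment = token.split(".")[1]
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded), object_pairs_hook=OrderedDict)

def naive_cast_fails(value) -> bool:
    """Reproduce the reported error: json.loads() on an already-parsed object."""
    try:
        json.loads(value)
    except TypeError:
        return True
    return False

def cast_claim(value):
    """Hypothetical helper: parse only strings that hold JSON, pass the rest through."""
    if isinstance(value, (str, bytes, bytearray)):
        try:
            return json.loads(value)
        except ValueError:
            return value  # ordinary string such as "email profile"
    return value  # already a dict, list, number, bool or None

def classify_subclaims(payload: dict, claim: str) -> dict:
    """Map each subclaim of a nested claim to its type name, without raising."""
    return {key: type(cast_claim(val)).__name__ for key, val in payload[claim].items()}

if __name__ == "__main__":
    claims = decode_payload(TOKEN)
    print(naive_cast_fails(claims["resource_access"]["account"]))
    print(classify_subclaims(claims, "resource_access"))
```

Unlike replacing `json.loads` with `json.dumps`, which turns every value into a string, this approach keeps nested objects as objects so later type checks can tell them apart from plain string claims.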
