decode static method
Decode a token without checking its signature
This also sets JWT.audience, JWT.subject, JWT.issuer, and JWT.jwtId even though they are not verified. Use with caution.
Implementation
static JWT decode(String token) {
try {
final parts = token.split('.');
var header = jsonBase64.decode(base64Padded(parts[0]));
dynamic payload;
try {
payload = jsonBase64.decode(base64Padded(parts[1]));
} catch (ex) {
payload = utf8.decode(base64Url.decode(base64Padded(parts[1])));
}
final audiance = _parseAud(payload['aud']);
final issuer = payload['iss']?.toString();
final subject = payload['sub']?.toString();
final jwtId = payload['jti']?.toString();
return JWT(
payload,
header: header is! Map<String, dynamic> ? null : header,
audience: audiance,
issuer: issuer,
subject: subject,
jwtId: jwtId,
);
} catch (ex, stackTrace) {
if (ex is Exception && ex is! JWTException) {
throw JWTUndefinedException(ex, stackTrace);
} else {
rethrow;
}
}
}