blyzer/fasto
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: pad base64 string when parsing jwt during impersonation exit

Browse Source 
- Prevented the browser's atob() function from throwing a 'String contains an invalid character' exception by adding proper Base64 padding to the JWT payload before decoding.
This commit is contained in:
Cauê Faleiros
2026-03-11 15:13:19 -03:00
parent 684b98bd0e
commit 7cb78f13c0
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
services/dataService.ts
View File

@@ -417,7 +417,19 @@ export const returnToSuperAdmin = (): boolean => {
const superAdminToken = localStorage.getItem('ctms_super_admin_token'); const superAdminToken = localStorage.getItem('ctms_super_admin_token');
if (superAdminToken) { if (superAdminToken) {
try { try {
const payload = JSON.parse(atob(superAdminToken.split('.')[1])); // Correctly decode Base64Url JWT payload with proper padding
const base64Url = superAdminToken.split('.')[1];
let base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
const pad = base64.length % 4;
if (pad) {
base64 += '='.repeat(4 - pad);
}
const jsonPayload = decodeURIComponent(atob(base64).split('').map(function(c) {
return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
}).join(''));
const payload = JSON.parse(jsonPayload);
localStorage.setItem('ctms_token', superAdminToken); localStorage.setItem('ctms_token', superAdminToken);
localStorage.setItem('ctms_user_id', payload.id); localStorage.setItem('ctms_user_id', payload.id);
localStorage.setItem('ctms_tenant_id', payload.tenant_id || 'system'); localStorage.setItem('ctms_tenant_id', payload.tenant_id || 'system');