DebugPointer

Regex for JWT Token

A JSON Web Token (JWT) is a JSON-based open standard (RFC 7519) for creating access tokens that assert some number of claims. JWTs are used to securely transmit information between parties. The information can be verified and trusted because it is digitally signed. JWTs are often used to authenticate users. In this article, let's look at how to write a regex for JWT tokens and how to match tokens against it.

Regex (short for regular expression) is a powerful tool used for searching and manipulating text. It is composed of a sequence of characters that define a search pattern. Regex can be used to find patterns in large amounts of text, validate user input, and manipulate strings. It is widely used in programming languages, text editors, and command line tools.

Structure of JWT Token

  • A JWT is made of three segments separated by dots (.): header, payload and signature.
  • The header and the payload are base64url-encoded JSON objects.
  • The signature segment is the base64url-encoded signature over the header and payload.
  • The base64url alphabet is the letters a-z and A-Z, the digits 0-9, and the characters - and _.

Regex for checking if JWT Token is valid or not

Regular Expression-

/^([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_\-\+\/=]*)/gm

Test string examples for the above regex-

Input String | Match Output
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJncm91cCI6ImFuZHJvaWQiLCJhdWQiOiJhbmRyb2lkIiwiaXNzIjoiYXBpLnNvY2lhbGRlYWwubmwiLCJtZW1iZXIiOnsibmFtZSI6ImVyaWsifSwiZXhwIjoxNDUyMDgzMjA3LCJpYXQiOjE0NTE5OTY4MDd9.u7ZBa9RB8U4QL8eBk4hmsjg8oFW19AHuen12c8CvLMj0IQUsNqeC-vwNQvAINpgBM0bzDf5cotyrUzf55eXch6mzfKMa-OJXguO-lARp4fc40HaBWbfnEvGe7yEgSESkt6gJNuprG51A6f4AJyNlXG_3u7O4bAMwiPZJc3AAU84_JXC7Vlq1X3FMaLVGmZdxzA4TvYZEiTt_KHoA49UgzeZtNXo3YiDq-GgL1eV8Li01fwy-M--xzbp4cPcY89jkPyYxUIJEoITOULr3zXQwRfYVe6i0P28oyu5ZzAwYCajBb2T98zN7sFJarNmtcxSKNfhCPnMVn3wrpxx4_Kd2a | matches
000121 | does not match

Here is a detailed explanation of the above regex-

/^([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_\-\+\/=]*)/gm

^ asserts position at start of the string
1st Capturing Group ([a-zA-Z0-9_=]+)
Match a single character present in the list below [a-zA-Z0-9_=]
+ matches the previous token between one and unlimited times, as many times as possible, giving back as needed (greedy)
a-z matches a single character in the range between a (index 97) and z (index 122) (case sensitive)
A-Z matches a single character in the range between A (index 65) and Z (index 90) (case sensitive)
0-9 matches a single character in the range between 0 (index 48) and 9 (index 57) (case sensitive)
_= matches a single character in the list _= (case sensitive)
\. matches the character . with index 46₁₀ (2E₁₆ or 56₈) literally (case sensitive)
2nd Capturing Group ([a-zA-Z0-9_=]+)
Match a single character present in the list below [a-zA-Z0-9_=]
+ matches the previous token between one and unlimited times, as many times as possible, giving back as needed (greedy)
a-z matches a single character in the range between a (index 97) and z (index 122) (case sensitive)
A-Z matches a single character in the range between A (index 65) and Z (index 90) (case sensitive)
0-9 matches a single character in the range between 0 (index 48) and 9 (index 57) (case sensitive)
_= matches a single character in the list _= (case sensitive)
\. matches the character . with index 46₁₀ (2E₁₆ or 56₈) literally (case sensitive)
3rd Capturing Group ([a-zA-Z0-9_\-\+\/=]*)
Match a single character present in the list below [a-zA-Z0-9_\-\+\/=]
* matches the previous token between zero and unlimited times, as many times as possible, giving back as needed (greedy)
a-z matches a single character in the range between a (index 97) and z (index 122) (case sensitive)
A-Z matches a single character in the range between A (index 65) and Z (index 90) (case sensitive)
0-9 matches a single character in the range between 0 (index 48) and 9 (index 57) (case sensitive)
_ matches the character _ with index 95₁₀ (5F₁₆ or 137₈) literally (case sensitive)
\- matches the character - with index 45₁₀ (2D₁₆ or 55₈) literally (case sensitive)
\+ matches the character + with index 43₁₀ (2B₁₆ or 53₈) literally (case sensitive)
\/ matches the character / with index 47₁₀ (2F₁₆ or 57₈) literally (case sensitive)
= matches the character = with index 61₁₀ (3D₁₆ or 75₈) literally (case sensitive)
Global pattern flags
g modifier: global. All matches (don't return after first match)
m modifier: multi line. Causes ^ and $ to match the begin/end of each line (not only begin/end of string)
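
As the breakdown shows, the pattern has no $ anchor and its first two groups omit -, so it accepts text with trailing characters and rejects tokens whose header or payload contains - (a base64url character). The JavaScript below is an added example, not code from the original article: it compares the article's pattern with an anchored base64url pattern and also decodes the header and payload to confirm they are JSON. The names STRICT_REGEX and inspectJwtShape and the sample tokens are constructed for illustration.

```javascript
// Added example. All names below are this example's own, not the article's.
// The article's pattern, without the g/m flags (each call tests one string).
const PAGE_REGEX = /^([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_\-\+\/=]*)/;
// Stricter shape: base64url alphabet (A-Z a-z 0-9 - _) in every segment, anchored at both ends.
const STRICT_REGEX = /^([A-Za-z0-9_-]+)\.([A-Za-z0-9_-]+)\.([A-Za-z0-9_-]*)$/;

// Encode an object as an unpadded base64url segment (only used to build the samples).
function toSegment(obj) {
  return Buffer.from(JSON.stringify(obj), 'utf8').toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Decode a base64url segment into a JSON object; null when it is not one.
function fromSegment(seg) {
  try {
    const b64 = seg.replace(/-/g, '+').replace(/_/g, '/');
    const obj = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
    return obj !== null && typeof obj === 'object' && !Array.isArray(obj) ? obj : null;
  } catch (err) {
    return null;
  }
}

// Shape check only: the signature is NOT verified here.
function inspectJwtShape(input) {
  const m = STRICT_REGEX.exec(input);
  if (!m) return { wellFormed: false, reason: 'not three base64url segments' };
  const header = fromSegment(m[1]);
  const payload = fromSegment(m[2]);
  if (!header || typeof header.alg !== 'string') {
    return { wellFormed: false, reason: 'header is not JSON with an "alg" string' };
  }
  if (!payload) return { wellFormed: false, reason: 'payload is not a JSON object' };
  return { wellFormed: true, header, payload, hasSignature: m[3].length > 0 };
}

// Constructed samples (not real tokens); "c2lnbmF0dXJl" is a placeholder signature.
const HEADER = toSegment({ alg: 'HS256', typ: 'JWT' });
const DASH_TOKEN = [HEADER, toSegment({ sub: 'a>>>' }), 'c2lnbmF0dXJl'].join('.'); // payload contains "-"
const PLAIN_TOKEN = [HEADER, toSegment({ sub: 'user1' }), 'c2lnbmF0dXJl'].join('.');
const SAMPLES = [DASH_TOKEN, PLAIN_TOKEN, PLAIN_TOKEN + ' trailing text', 'abc.def.ghi', '000121'];

for (const s of SAMPLES) {
  const row = { input: s.slice(0, 40), pageRegex: PAGE_REGEX.test(s), strict: inspectJwtShape(s).wellFormed };
  console.log(JSON.stringify(row));
}
```

A passing shape check only says the string looks like a JWT. The signature still has to be verified with a JWT library and the expected key before any claim in the token is trusted.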

Hope this article was useful for matching JWT tokens with a regex pattern.