decode_wati_token.py

#!/usr/bin/env python3
"""
Decode WATI JWT token to see what's inside.
"""
import base64
import json

def decode_jwt(token):
    """Decode JWT token without verification."""
    try:
        # Split token into parts
        parts = token.split('.')
        if len(parts) != 3:
            print("❌ Invalid JWT format")
            return
        
        header_b64, payload_b64, signature = parts
        
        # Decode header
        header_padding = '=' * (4 - len(header_b64) % 4)
        header_json = base64.urlsafe_b64decode(header_b64 + header_padding)
        header = json.loads(header_json)
        
        # Decode payload
        payload_padding = '=' * (4 - len(payload_b64) % 4)
        payload_json = base64.urlsafe_b64decode(payload_b64 + payload_padding)
        payload = json.loads(payload_json)
        
        print("=" * 80)
        print("WATI Token Decoded")
        print("=" * 80)
        
        print("\nHeader:")
        print(json.dumps(header, indent=2))
        
        print("\nPayload:")
        print(json.dumps(payload, indent=2))
        
        print("\n" + "=" * 80)
        print("Key Information")
        print("=" * 80)
        
        print(f"\nEmail: {payload.get('email', 'N/A')}")
        print(f"Tenant ID: {payload.get('tenant_id', 'N/A')}")
        print(f"Database: {payload.get('db_name', 'N/A')}")
        print(f"Role: {payload.get('http://schemas.microsoft.com/ws/2008/06/identity/claims/role', 'N/A')}")
        print(f"Issuer: {payload.get('iss', 'N/A')}")
        print(f"Audience: {payload.get('aud', 'N/A')}")
        
        # Check expiration
        exp = payload.get('exp', 0)
        if exp:
            from datetime import datetime
            exp_date = datetime.fromtimestamp(exp)
            print(f"Expires: {exp_date}")
            
            now = datetime.now()
            if exp_date > now:
                print(f"✅ Token is valid (expires in {(exp_date - now).days} days)")
            else:
                print(f"❌ Token is EXPIRED!")
        
        print("\n" + "=" * 80)
        print("Tenant Information")
        print("=" * 80)
        
        tenant_id = payload.get('tenant_id', '')
        print(f"\nTenant ID from token: {tenant_id}")
        print(f"API Endpoint: https://live-mt-server.wati.io/104318")
        
        if tenant_id == "104318":
            print("✅ Tenant ID matches API endpoint")
        elif tenant_id == "1043182":
            print("⚠️  Tenant ID has extra '2' at the end")
            print(f"   Token tenant: {tenant_id}")
            print(f"   Endpoint tenant: 104318")
            print("\n   This might be the issue!")
            print("   Try using endpoint: https://live-mt-server.wati.io/1043182")
        else:
            print(f"❌ Tenant ID mismatch!")
            print(f"   Token tenant: {tenant_id}")
            print(f"   Endpoint tenant: 104318")
        
        print("\n" + "=" * 80)
        
    except Exception as e:
        print(f"❌ Error decoding token: {str(e)}")
        import traceback
        traceback.print_exc()

if __name__ == "__main__":
    token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImN0b0BjdWF0cm9sYWJzLmNvbSIsIm5hbWVpZCI6ImN0b0BjdWF0cm9sYWJzLmNvbSIsImVtYWlsIjoiY3RvQGN1YXRyb2xhYnMuY29tIiwiYXV0aF90aW1lIjoiMDIvMDYvMjAyNiAxMjoyMzoyNiIsInRlbmFudF9pZCI6IjEwNDMxODIiLCJkYl9uYW1lIjoibXQtcHJvZC1UZW5hbnRzIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoiQURNSU5JU1RSQVRPUiIsImV4cCI6MjUzNDAyMzAwODAwLCJpc3MiOiJDbGFyZV9BSSIsImF1ZCI6IkNsYXJlX0FJIn0.z5lE4gK903PpsSVIZgdNlpsdeXKAeSsGe-Kdr5WT19c"
    
    decode_jwt(token)