Docusign JWT身份验证在Java中不返回有效的密钥或签名错误,但在JavaScript中可以正常工作。为什么?
要使用docusign JWT Sign,JWS创建可以很好地使用java脚本,并使用以下代码。但是它不能使用Docusign JWT身份验证在Java中不返回有效的密钥或签名错误,但在JavaScript中可以正常工作。为什么?,java,oauth-2.0,jwt,key,rsa,Java,Oauth 2.0,Jwt,Key,Rsa,要使用docusign JWT Sign,JWS创建可以很好地使用java脚本,并使用以下代码。但是它不能使用io.jsonwebtoken var currTime = Math.round(Date.now()/1000); var expTime = currTime+3600; var header = { "alg": "RS256" }; var data = { "iat": currTime,
io.jsonwebtoken
var currTime = Math.round(Date.now()/1000);
var expTime = currTime+3600;
var header = {
"alg": "RS256"
};
var data = {
"iat": currTime,
"exp" : expTime,
"iss": "xxxx",
"sub": "xxxx",
"aud": "account-d.docusign.com",
"scope": "impersonation signature"
};
var secret = "-----BEGIN RSA PRIVATE KEY-----XXXXX-----END RSA PRIVATE KEY-----";
var sHeader = JSON.stringify(header);
var sPayload = JSON.stringify(data);
var jws = KJUR.jws.JWS.sign("RS256", sHeader, sPayload, secret);
Java实现
final String ISS = "xxxx";
final String SUB = "xxxx";
final String AUD = "account-d.docusign.com";
final String SCOPE = "impersonation signature";
final String SECRET =
"-----BEGIN RSA PRIVATE KEY-----\r\nXXXXX\r\n-----END RSA PRIVATE KEY-----";
Long currTime = System.currentTimeMillis();
Long expTime = currTime+3600;
Map<String,Object> header = new HashMap<>();
Map<String,Object> data = new HashMap<>();
header.put("alg","RS256");
data.put("iat",currTime);
data.put("exp",expTime);
data.put("iss",ISS);
data.put("sub",SUB);
data.put("aud",AUD);
data.put("scope",SCOPE);
java.security.Security.addProvider(
new org.bouncycastle.jce.provider.BouncyCastleProvider()
);
KeyFactory kf = KeyFactory.getInstance("RSA"); // or "EC" or whatever
PemObject pem = new PemReader(new StringReader(SECRET)).readPemObject();
byte[] der = pem.getContent();
PrivateKey privateKey = kf.generatePrivate(new PKCS8EncodedKeySpec(der));
String jws = Jwts.builder()
.setHeader(header)
.setClaims(data)
.signWith(privateKey, SignatureAlgorithm.RS256)
.compact();
抱歉,这是我的错误时间戳导致错误。currentTimeMillis()/1000修复了该问题
final String ISS = "xxxx";
final String SUB = "xxxx";
final String AUD = "account-d.docusign.com";
final String SCOPE = "impersonation signature";
final String SECRET =
"-----BEGIN RSA PRIVATE KEY-----\r\nXXXXX\r\n-----END RSA PRIVATE KEY-----";
Long currTime = System.currentTimeMillis()/1000;
Long expTime = currTime+3600;
Map<String,Object> header = new HashMap<>();
Map<String,Object> data = new HashMap<>();
header.put("alg","RS256");
data.put("iat",currTime);
data.put("exp",expTime);
data.put("iss",ISS);
data.put("sub",SUB);
data.put("aud",AUD);
data.put("scope",SCOPE);
java.security.Security.addProvider(
new org.bouncycastle.jce.provider.BouncyCastleProvider()
);
KeyFactory kf = KeyFactory.getInstance("RSA"); // or "EC" or whatever
PemObject pem = new PemReader(new StringReader(SECRET)).readPemObject();
byte[] der = pem.getContent();
PrivateKey privateKey = kf.generatePrivate(new PKCS8EncodedKeySpec(der));
String jws = Jwts.builder()
.setHeader(header)
.setClaims(data)
.signWith(privateKey, SignatureAlgorithm.RS256)
.compact();
最终字符串ISS=“xxxx”;
最终字符串SUB=“xxxx”;
最终字符串AUD=“account-d.docusign.com”;
最终字符串SCOPE=“模拟签名”;
最终字符串机密=
“----开始RSA私钥------\r\nxxx\r\n------结束RSA私钥------”;
Long currTime=System.currentTimeMillis()/1000;
长expTime=currTime+3600;
Map header=newhashmap();
映射数据=新的HashMap();
页眉.put(“alg”、“RS256”);
数据输入(“iat”,当前时间);
data.put(“exp”,expTime);
数据输入(“iss”,iss);
数据输入(“sub”,sub);
数据。投入(“澳元”,澳元);
数据。put(“范围”,范围);
java.security.security.addProvider(
新org.bouncycastle.jce.provider.BouncyCastleProvider()
);
KeyFactory kf=KeyFactory.getInstance(“RSA”);//或者“EC”之类的
PemObject pem=new-PemReader(new-StringReader(SECRET)).readPemObject();
字节[]der=pem.getContent();
PrivateKey PrivateKey=kf.generatePrivate(新的PKCS8EncodedKeySpec(der));
字符串jws=Jwts.builder()
.setHeader(标题)
.setClaims(数据)
.signWith(私钥,SignatureAlgorithm.RS256)
.compact();
final String ISS = "xxxx";
final String SUB = "xxxx";
final String AUD = "account-d.docusign.com";
final String SCOPE = "impersonation signature";
final String SECRET =
"-----BEGIN RSA PRIVATE KEY-----\r\nXXXXX\r\n-----END RSA PRIVATE KEY-----";
Long currTime = System.currentTimeMillis()/1000;
Long expTime = currTime+3600;
Map<String,Object> header = new HashMap<>();
Map<String,Object> data = new HashMap<>();
header.put("alg","RS256");
data.put("iat",currTime);
data.put("exp",expTime);
data.put("iss",ISS);
data.put("sub",SUB);
data.put("aud",AUD);
data.put("scope",SCOPE);
java.security.Security.addProvider(
new org.bouncycastle.jce.provider.BouncyCastleProvider()
);
KeyFactory kf = KeyFactory.getInstance("RSA"); // or "EC" or whatever
PemObject pem = new PemReader(new StringReader(SECRET)).readPemObject();
byte[] der = pem.getContent();
PrivateKey privateKey = kf.generatePrivate(new PKCS8EncodedKeySpec(der));
String jws = Jwts.builder()
.setHeader(header)
.setClaims(data)
.signWith(privateKey, SignatureAlgorithm.RS256)
.compact();