Javascript 如何在JWK响应（PHP）中获取密钥ID值

我在服务器端生成一个公钥，传递给客户端，以呈现一个iframe（由第三方托管）

我从JWK响应中获得了一整块数据，但我只需要keyID值

{ “数据”：“{\'keyId\”：\”Eyjrawqiizyizyimju2in0.Eyjmbhgionsicgf0acii9mbgv4yxl3rva2vucz9mbjtrcdtawm2rkv0uilcyxrhijoof Z6wnhyuhd2b1drb1i0qtvttrwntefbrulinljst1yzdgu4uuuxgdmew08wthelwkHtme4z2zzz2zzzzlzwzlzzlzlzlzwzlzlzlzlzlzlzlzzlzlzlzlzlzlzlzlzlzlzlzlzlzlzlzlznzlzlzlznzzlzlzlzlzlzlzlzlzlzlzlzlzlzlzlznzlzlzlz2.中国政府QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ2.2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 VDGVZDGZSZXGY3L6月6日，中国ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ691Y_gX9Qo8fe6XeJw8-Ir4XwwznjNLa31-EctYfnYUbfOnjR\u 8rfuFNnulvQecHs1e4zFVVAqm8mqex-umdlPbPUGT8xzYN-g0olmdj3umaesuyrdaifvxwsxyybhu5rip-8anGWj\u 9RQrwvOH7MOIerV3Lej1-lEOxTw\，“der\”：null，“jwk\”：null} }

我需要keyID值，并将其传递到客户端的一个名为“captureContext”的变量上

这是我的客户端代码，但它将返回上面的所有数据：

var captureContext = <?php echo json_encode($body)?>;
console.log(captureContext);

var captureContext=；
console.log（captureContext）；

这是我在服务器端生成公钥的方式：

<?php

define ('HMAC_SHA256', 'HmacSHA256');

//Step 0.  Set Secret Key a
define ('SHARED_SECRET_KEY', '--insert shared secret--');
define ('KEY_ID','--insert key ID--');
define ('MERCHANT_ID','--insert merchant ID--');

define('TARGET_ORIGIN',"http://localhost:8082");
define ('SECURE_HTTPS','https://');
define('HOST','apitest.cybersource.com');
define('DESTINATION_RESOURCE','flex/v1/keys?format=JWT'); 

define('SHA256','sha256');
define('ENCRYPTION_TYPE','RsaOaep256');


function loggingHelper( $response, $curl, $testInfo, $requestBody ) {
        printf("%s\n",$testInfo);
        if(!$response) {
            printf ('Error: "' . curl_error($curl) . '" - Code: ' . curl_errno($curl));
        } else {
            if (empty($requestBody) == false && $requestBody != '') {
                $json = json_decode($requestBody);
                $json = json_encode($json, JSON_PRETTY_PRINT);
                printf("Request Body : %s\n", $json);
            }
            $header_size = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
            $header = substr($response, 0, $header_size);
            $body = substr($response, $header_size);
            printf ("Response Status: %s\n",curl_getinfo($curl, CURLINFO_HTTP_CODE));
            printf($header);
            if (empty($body) == false && $body != '') {
                $json = json_decode($body);
                $json = json_encode($json, JSON_PRETTY_PRINT);
                printf("Response Body : %s\n", $json);
            }

        }
    }

function getSignature($params){
       return signData(buildDataStringToSign($params), SHARED_SECRET_KEY); 

}

function getHeadersString($params) {


   $headerStringArray = array();
   foreach($params as $field => $value){
        $headerStringArray[] = $field;
    } 
    return implode(" ",$headerStringArray);
}

function buildDataStringToSign($params) {
        $dataStringArray = array();

        foreach ($params as $field => $value) {
           $dataStringArray[] = $field . ": " . $value;
        }
        return implode("\n",$dataStringArray);
}

function jdebug($variable,$text){

    echo "<br>=====".$text."=====<br>";


    var_dump($variable);

    echo "<br>=====".$text."=====<br>";


}


function signData($data, $secretKey) {
    //Remember, the key is provided in a base64 format, so it must be decoded before using in the hmac

    return base64_encode(hash_hmac(SHA256, $data, base64_decode($secretKey),true));

}


function commaSeparate ($dataToSign) {
    return implode(",",$dataToSign);
}

function getServerTime() {

     return gmdate("D, d M Y H:i:s \G\M\T");
 }

function getDigestHeader($params) {

    return "SHA-256=".base64_encode(hash(SHA256,$params,true));

}

function getDigestBody() {

      $digestBody = Array("encryptionType" => ENCRYPTION_TYPE,
                          "targetOrigin" => TARGET_ORIGIN );

    //return  "{\n  \"encryptionType\": \"".ENCRYPTION_TYPE."\",\n  \"targetOrigin\": \"".TARGET_ORIGIN."\"\n}";
    return  json_encode($digestBody);

}

    $digestBody = getDigestBody();

    $digestHash = getDigestHeader($digestBody);

    $serverTime = getServerTime();


    $signedHeaders['host'] = HOST;
    $signedHeaders['date'] = $serverTime;

    $signedHeaders['(request-target)'] = 'post /'.DESTINATION_RESOURCE;
    $signedHeaders['digest'] = $digestHash;


    $signedHeaders['v-c-merchant-id'] = MERCHANT_ID;


    $signature = getSignature($signedHeaders);


   $signatureHeader = "";

   $signatureHeader.="keyid=\"".KEY_ID."\"".", ";
   $signatureHeader.="algorithm=\"".HMAC_SHA256."\"".", ";
   $signatureHeader.="headers=\"".getHeadersString($signedHeaders)."\"".", ";
   $signatureHeader.="signature=\"".$signature."\"";

        $curl = curl_init ();

        $headers = array("host: ".$signedHeaders['host'],
                          "date: ".$signedHeaders['date'],
                          "digest: ".$signedHeaders['digest'],
                          "signature: ".$signatureHeader,
                          "Content-Type: application/json; charset=utf-8",
                          "v-c-merchant-id: ".$signedHeaders['v-c-merchant-id']);

        $absUrl = SECURE_HTTPS.HOST."/".DESTINATION_RESOURCE;


        $opts = array ();

        $opts [CURLOPT_POST] = 1;
        $opts [CURLOPT_POSTFIELDS] = $digestBody;
        $opts [CURLOPT_PROTOCOLS] = CURLPROTO_HTTPS;
        $opts [CURLOPT_SSLVERSION] = CURL_SSLVERSION_TLSv1_2;
        $opts [CURLOPT_URL] = $absUrl;
        $opts [CURLOPT_RETURNTRANSFER] = true;
        $opts [CURLOPT_CONNECTTIMEOUT] = 50;
        $opts [CURLOPT_TIMEOUT] = 100;
        $opts [CURLOPT_HTTPHEADER] = $headers;
        $opts [CURLOPT_HEADER] = 1;


        curl_setopt_array ( $curl, $opts );

        $response = curl_exec ( $curl );


        $statusCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);


        $header_size = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
        $header = substr($response, 0, $header_size);
        $body = substr($response, $header_size);


        $response = json_decode($body);
        $jwk = $response->jwk;


        curl_close ( $curl );

?>

---

希望你能帮助我！提前谢谢你

我已尽力理解您粘贴的代码，但很难说响应是如何从服务器生成/响应的，因为从我对代码的扫描来看，没有迹象表明第一部分代码和第二部分代码都在服务器端，还是第一部分代码是客户端的测试代码（第一部分显然是与php的混合代码，例如js+php）

因此有两种可能性：

这两个代码都在服务器端

服务器端只有第二个代码

1：如果代码的第一部分在服务器端，并且是从客户端请求的，并且您希望拆分为结果并只发送密钥，那么您需要做的就是：

// if $body is an array in php
var captureContext = <?php echo $body['data']['keyId'] ?>;

// if $body is an object in php
var captureContext = <?php echo $body->data->keyId ?>;

如果代码的第一部分是客户端应该得到的，并且您询问如何从整个响应数据中分割密钥：

var captureContext = <?php echo json_encode($body)?>;
var resp = JSON.parse(captureContext);
var keyID = resp.data.keyId;
console.log(keyID);

出现这种错误的原因是因为我注意到您在console.log（）上发布的JWK帖子显示了不同符号的数据和keyId，

“

和

\”

，而整个

数据

值都是字符串格式，因此您可能需要为另一个内部JSON结构翻译两次

---

根据我的猜测，第一个代码和第二个代码共享变量名，如果

$body

是同一个变量，那么从JSON格式拆分

keyId

是一个非常简单的过程。

我尝试了一些东西，我想我得到了：

$body = '{ "data": "{\"keyId\":\"eyJraWQiOiIzZyIsImFsZyI6IlJTMjU2In0.eyJmbHgiOnsicGF0aCI6Ii9mbGV4L3YxL3Rva2Vucz9mb3JtYXRcdTAwM2RKV0UiLCJkYXRhIjoiOFZ6WnhyUHd2b1dRb1I0QTVTRWNteEFBRUliNlJsT1YzdGU4UUxGdmEwb08wTEliWkhtWmE4Z2ZqT0lSWklmS1FaUElRYmhaZHVlRFNwQzZZZllUanF0cU94d2xtUVlQa1FzZUcrL05WUGlBbUZUdGtUNjlUbXAyb3pEOWJqT0NyVFlQIiwib3JpZ2luIjoiaHR0cHM6Ly90ZXN0ZmxleC5jeWJlcnNvdXJjZS5jb20iLCJqd2siOnsia3R5IjoiUlNBIiwiZSI6IkFRQUIiLCJ1c2UiOiJlbmMiLCJuIjoiaGNLRlU5UllCR0VwY1JyR3FQQ2J1U3BlOFdyeTRRUUNvMUdiRml4ZHdWMUtuN09BMHQtRDdXM2tvUjN6MDc3UndnYnBldTdvbV8xd0ZrRjVRLTBNeVNfdzk3TklmaVk1OVNLb3JqdWhfQmt2NHdJVGVUbm9LN2ZROHJyOTJSOUNKTFp6UFdlUVJPMDVxeWxiLVdVWUJvOU5sa2QwZHl6b2RlbEoxWVRzQ1JzYlRVc0ZRMUxKZHVIWWw0X3kzTF9FbnkwaG1mSFg5cll4U2ozamhmZVpZYVhYa0wtdERCa2k5VF9zXzhzb19RQjNLN29oR2tqSDU1TUQwRkdDNzVpRS1UcmtqNFd0cWNyYjI3S3BNSzdXWm1qSnJUMFE0bzlMMTBURXJvZE1HeEpfTm5IMGdSYmUwTFVSOWhaVnUzMG9tWkdrQVhfQXhUa1VJWktXQzZENkJ3Iiwia2lkIjoiMDd1SlMwT0dpR2pObzF6ejRTbGFpZUIzQkprSWc1bVAifX0sImN0eCI6W3siZGF0YSI6eyJ0YXJnZXRPcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6ODA4MiJdLCJtZk9yaWdpbiI6Imh0dHBzOi8vdGVzdGZsZXguY3liZXJzb3VyY2UuY29tIn0sInR5cGUiOiJtZi0wLjExLjAifV0sImlzcyI6IkZsZXggQVBJIiwiZXhwIjoxNTgwMTg5NDA2LCJpYXQiOjE1ODAxODg1MDYsImp0aSI6InNYYWNWSm43bkI1a1ZvSnIifQ.Hr-DwfFv-90bBtUWhACXwkhVFefh7fNOV9FS5Epu5fcL7Ji_pE9GHQIhaX5F31VM-EAOz55gG0eYnEu7ZAptR1mq3WgxNx3Af9ngKpbl4ZTb9cUxjGf3DdGJ1-J26aziJx3GcaZREfFyabDWbThyKlGTxSbnGHb7-UcQ_MPmh-znt_691y_gX9Qo8fe6XeJw8-Ir4XwwznjNLa31-EctYfnYUbfOnjR_8rfuFNnulvQecHs1e4zFVVAqm8mqex-umdlPbPUGT8xzYN-G0oLMdj3uMAAeSuyrdAifVXWSXyyyBHU5rIp-8anGWj_9RQrwvOH7MOIerV3Lej1-lEOxTw\",\"der\":null,\"jwk\":null}" }';

$body = json_decode($body, true);
$body = json_decode($body['data'], true);
$keyId = $body['keyId'];

既然您在其中标记了PHP，这就是我的服务器端答案

编辑：

---

你必须把你的

$body

变量变成一个字符串。在它周围加上引号。经过测试和确认，这是有效的。

->访问对象值去年我放弃了这个，但不得不再次这样做，我没有看到你的答案，但这是我正在寻找的答案~~非常感谢你，抱歉太晚了！：D@jasieSorry我不够清楚。但是没错，第一个代码来自客户端，第二个代码来自服务器端。是的，他们共享变量名$body，其中包含上面的JWK响应。我尝试了这段代码，但在控制台日志中没有看到他们的keyID值，我仍然无法呈现iframe。``var captureContext=；var resp=JSON.parse（captureContext）；var keyID=resp.keyID；console.log（keyID）“``谢谢您的回复！抱歉，这是我在代码

keyID

的最后一部分中的错误，这是因为您在属性

data

下有它。请再次检查，我已经编辑并修复了它。但是，出于安全原因，如果客户端的响应应该只包含keyID而不是完整的JWK数据，那么最好的方法是仍在从服务器端的整个JWK中拆分此ID。但是，我猜JWK是您尝试发送回客户端的正确API。顺便说一下，还有另一个不清楚的部分可能会导致错误，您为JWK粘贴的数据以{“data”：…}开头，后面的值是{“\keyId”\：“\…”\}。请注意，一个console.log（）可能会输出类似于您发布的JWK的对象。嗯，我尝试了上面两个代码，但控制台日志中没有返回keyID值，iframe仍然无法呈现。如何从服务器端的整个JWK中分割keyID？我在下面尝试了，但我有未定义的索引：data，我收到了空JWK响应。$body=json\u decode（$body，true）$body=json_decode（$body['data']['keyId']，true）；$keyId=$body['keyId']；如果这是服务器端的代码，我应该如何在客户端指定它？谢谢！您能尝试以下步骤并给出输出，这样我就可以告诉您密钥在哪里：a）

console.log（captureContext）；

b）

console.log（json.parse）
（captureContext））；
c）
console.log（JSON.parse（captureContext.data）<
var captureContext = <?php echo json_encode($body)?>;
var resp = JSON.parse(captureContext);
var respData = JSON.parse(resp.data);
var keyID = respData.keyId;
console.log(keyID);

$body = '{ "data": "{\"keyId\":\"eyJraWQiOiIzZyIsImFsZyI6IlJTMjU2In0.eyJmbHgiOnsicGF0aCI6Ii9mbGV4L3YxL3Rva2Vucz9mb3JtYXRcdTAwM2RKV0UiLCJkYXRhIjoiOFZ6WnhyUHd2b1dRb1I0QTVTRWNteEFBRUliNlJsT1YzdGU4UUxGdmEwb08wTEliWkhtWmE4Z2ZqT0lSWklmS1FaUElRYmhaZHVlRFNwQzZZZllUanF0cU94d2xtUVlQa1FzZUcrL05WUGlBbUZUdGtUNjlUbXAyb3pEOWJqT0NyVFlQIiwib3JpZ2luIjoiaHR0cHM6Ly90ZXN0ZmxleC5jeWJlcnNvdXJjZS5jb20iLCJqd2siOnsia3R5IjoiUlNBIiwiZSI6IkFRQUIiLCJ1c2UiOiJlbmMiLCJuIjoiaGNLRlU5UllCR0VwY1JyR3FQQ2J1U3BlOFdyeTRRUUNvMUdiRml4ZHdWMUtuN09BMHQtRDdXM2tvUjN6MDc3UndnYnBldTdvbV8xd0ZrRjVRLTBNeVNfdzk3TklmaVk1OVNLb3JqdWhfQmt2NHdJVGVUbm9LN2ZROHJyOTJSOUNKTFp6UFdlUVJPMDVxeWxiLVdVWUJvOU5sa2QwZHl6b2RlbEoxWVRzQ1JzYlRVc0ZRMUxKZHVIWWw0X3kzTF9FbnkwaG1mSFg5cll4U2ozamhmZVpZYVhYa0wtdERCa2k5VF9zXzhzb19RQjNLN29oR2tqSDU1TUQwRkdDNzVpRS1UcmtqNFd0cWNyYjI3S3BNSzdXWm1qSnJUMFE0bzlMMTBURXJvZE1HeEpfTm5IMGdSYmUwTFVSOWhaVnUzMG9tWkdrQVhfQXhUa1VJWktXQzZENkJ3Iiwia2lkIjoiMDd1SlMwT0dpR2pObzF6ejRTbGFpZUIzQkprSWc1bVAifX0sImN0eCI6W3siZGF0YSI6eyJ0YXJnZXRPcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6ODA4MiJdLCJtZk9yaWdpbiI6Imh0dHBzOi8vdGVzdGZsZXguY3liZXJzb3VyY2UuY29tIn0sInR5cGUiOiJtZi0wLjExLjAifV0sImlzcyI6IkZsZXggQVBJIiwiZXhwIjoxNTgwMTg5NDA2LCJpYXQiOjE1ODAxODg1MDYsImp0aSI6InNYYWNWSm43bkI1a1ZvSnIifQ.Hr-DwfFv-90bBtUWhACXwkhVFefh7fNOV9FS5Epu5fcL7Ji_pE9GHQIhaX5F31VM-EAOz55gG0eYnEu7ZAptR1mq3WgxNx3Af9ngKpbl4ZTb9cUxjGf3DdGJ1-J26aziJx3GcaZREfFyabDWbThyKlGTxSbnGHb7-UcQ_MPmh-znt_691y_gX9Qo8fe6XeJw8-Ir4XwwznjNLa31-EctYfnYUbfOnjR_8rfuFNnulvQecHs1e4zFVVAqm8mqex-umdlPbPUGT8xzYN-G0oLMdj3uMAAeSuyrdAifVXWSXyyyBHU5rIp-8anGWj_9RQrwvOH7MOIerV3Lej1-lEOxTw\",\"der\":null,\"jwk\":null}" }';

$body = json_decode($body, true);
$body = json_decode($body['data'], true);
$keyId = $body['keyId'];