Javascript 如何在JWK响应(PHP)中获取密钥ID值
我在服务器端生成一个公钥,传递给客户端,以呈现一个iframe(由第三方托管) 我从JWK响应中获得了一整块数据,但我只需要keyID值 { “数据”:“{\'keyId\”:\”Eyjrawqiizyizyimju2in0.Eyjmbhgionsicgf0acii9mbgv4yxl3rva2vucz9mbjtrcdtawm2rkv0uilcyxrhijoof Z6wnhyuhd2b1drb1i0qtvttrwntefbrulinljst1yzdgu4uuuxgdmew08wthelwkHtme4z2zzz2zzzzlzwzlzzlzlzlzwzlzlzlzlzlzlzlzzlzlzlzlzlzlzlzlzlzlzlzlzlzlzlzlznzlzlzlznzzlzlzlzlzlzlzlzlzlzlzlzlzlzlzlznzlzlzlz2.中国政府QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ2.2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 VDGVZDGZSZXGY3L6月6日,中国ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ691Y_gX9Qo8fe6XeJw8-Ir4XwwznjNLa31-EctYfnYUbfOnjR\u 8rfuFNnulvQecHs1e4zFVVAqm8mqex-umdlPbPUGT8xzYN-g0olmdj3umaesuyrdaifvxwsxyybhu5rip-8anGWj\u 9RQrwvOH7MOIerV3Lej1-lEOxTw\,“der\”:null,“jwk\”:null} } 我需要keyID值,并将其传递到客户端的一个名为“captureContext”的变量上 这是我的客户端代码,但它将返回上面的所有数据:Javascript 如何在JWK响应(PHP)中获取密钥ID值,javascript,php,html,json,jwk,Javascript,Php,Html,Json,Jwk,我在服务器端生成一个公钥,传递给客户端,以呈现一个iframe(由第三方托管) 我从JWK响应中获得了一整块数据,但我只需要keyID值 { “数据”:“{\'keyId\”:\”Eyjrawqiizyizyimju2in0.Eyjmbhgionsicgf0acii9mbgv4yxl3rva2vucz9mbjtrcdtawm2rkv0uilcyxrhijoof Z6wnhyuhd2b1drb1i0qtvttrwntefbrulinljst1yzdgu4uuuxgdmew08wthelwkHtme
var captureContext = <?php echo json_encode($body)?>;
console.log(captureContext);
var captureContext=;
console.log(captureContext);
这是我在服务器端生成公钥的方式:
<?php
define ('HMAC_SHA256', 'HmacSHA256');
//Step 0. Set Secret Key a
define ('SHARED_SECRET_KEY', '--insert shared secret--');
define ('KEY_ID','--insert key ID--');
define ('MERCHANT_ID','--insert merchant ID--');
define('TARGET_ORIGIN',"http://localhost:8082");
define ('SECURE_HTTPS','https://');
define('HOST','apitest.cybersource.com');
define('DESTINATION_RESOURCE','flex/v1/keys?format=JWT');
define('SHA256','sha256');
define('ENCRYPTION_TYPE','RsaOaep256');
function loggingHelper( $response, $curl, $testInfo, $requestBody ) {
printf("%s\n",$testInfo);
if(!$response) {
printf ('Error: "' . curl_error($curl) . '" - Code: ' . curl_errno($curl));
} else {
if (empty($requestBody) == false && $requestBody != '') {
$json = json_decode($requestBody);
$json = json_encode($json, JSON_PRETTY_PRINT);
printf("Request Body : %s\n", $json);
}
$header_size = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
$header = substr($response, 0, $header_size);
$body = substr($response, $header_size);
printf ("Response Status: %s\n",curl_getinfo($curl, CURLINFO_HTTP_CODE));
printf($header);
if (empty($body) == false && $body != '') {
$json = json_decode($body);
$json = json_encode($json, JSON_PRETTY_PRINT);
printf("Response Body : %s\n", $json);
}
}
}
function getSignature($params){
return signData(buildDataStringToSign($params), SHARED_SECRET_KEY);
}
function getHeadersString($params) {
$headerStringArray = array();
foreach($params as $field => $value){
$headerStringArray[] = $field;
}
return implode(" ",$headerStringArray);
}
function buildDataStringToSign($params) {
$dataStringArray = array();
foreach ($params as $field => $value) {
$dataStringArray[] = $field . ": " . $value;
}
return implode("\n",$dataStringArray);
}
function jdebug($variable,$text){
echo "<br>=====".$text."=====<br>";
var_dump($variable);
echo "<br>=====".$text."=====<br>";
}
function signData($data, $secretKey) {
//Remember, the key is provided in a base64 format, so it must be decoded before using in the hmac
return base64_encode(hash_hmac(SHA256, $data, base64_decode($secretKey),true));
}
function commaSeparate ($dataToSign) {
return implode(",",$dataToSign);
}
function getServerTime() {
return gmdate("D, d M Y H:i:s \G\M\T");
}
function getDigestHeader($params) {
return "SHA-256=".base64_encode(hash(SHA256,$params,true));
}
function getDigestBody() {
$digestBody = Array("encryptionType" => ENCRYPTION_TYPE,
"targetOrigin" => TARGET_ORIGIN );
//return "{\n \"encryptionType\": \"".ENCRYPTION_TYPE."\",\n \"targetOrigin\": \"".TARGET_ORIGIN."\"\n}";
return json_encode($digestBody);
}
$digestBody = getDigestBody();
$digestHash = getDigestHeader($digestBody);
$serverTime = getServerTime();
$signedHeaders['host'] = HOST;
$signedHeaders['date'] = $serverTime;
$signedHeaders['(request-target)'] = 'post /'.DESTINATION_RESOURCE;
$signedHeaders['digest'] = $digestHash;
$signedHeaders['v-c-merchant-id'] = MERCHANT_ID;
$signature = getSignature($signedHeaders);
$signatureHeader = "";
$signatureHeader.="keyid=\"".KEY_ID."\"".", ";
$signatureHeader.="algorithm=\"".HMAC_SHA256."\"".", ";
$signatureHeader.="headers=\"".getHeadersString($signedHeaders)."\"".", ";
$signatureHeader.="signature=\"".$signature."\"";
$curl = curl_init ();
$headers = array("host: ".$signedHeaders['host'],
"date: ".$signedHeaders['date'],
"digest: ".$signedHeaders['digest'],
"signature: ".$signatureHeader,
"Content-Type: application/json; charset=utf-8",
"v-c-merchant-id: ".$signedHeaders['v-c-merchant-id']);
$absUrl = SECURE_HTTPS.HOST."/".DESTINATION_RESOURCE;
$opts = array ();
$opts [CURLOPT_POST] = 1;
$opts [CURLOPT_POSTFIELDS] = $digestBody;
$opts [CURLOPT_PROTOCOLS] = CURLPROTO_HTTPS;
$opts [CURLOPT_SSLVERSION] = CURL_SSLVERSION_TLSv1_2;
$opts [CURLOPT_URL] = $absUrl;
$opts [CURLOPT_RETURNTRANSFER] = true;
$opts [CURLOPT_CONNECTTIMEOUT] = 50;
$opts [CURLOPT_TIMEOUT] = 100;
$opts [CURLOPT_HTTPHEADER] = $headers;
$opts [CURLOPT_HEADER] = 1;
curl_setopt_array ( $curl, $opts );
$response = curl_exec ( $curl );
$statusCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
$header_size = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
$header = substr($response, 0, $header_size);
$body = substr($response, $header_size);
$response = json_decode($body);
$jwk = $response->jwk;
curl_close ( $curl );
?>
希望你能帮助我!提前谢谢你 我已尽力理解您粘贴的代码,但很难说响应是如何从服务器生成/响应的,因为从我对代码的扫描来看,没有迹象表明第一部分代码和第二部分代码都在服务器端,还是第一部分代码是客户端的测试代码(第一部分显然是与php的混合代码,例如js+php) 因此有两种可能性:
// if $body is an array in php
var captureContext = <?php echo $body['data']['keyId'] ?>;
// if $body is an object in php
var captureContext = <?php echo $body->data->keyId ?>;
如果代码的第一部分是客户端应该得到的,并且您询问如何从整个响应数据中分割密钥:
var captureContext = <?php echo json_encode($body)?>;
var resp = JSON.parse(captureContext);
var keyID = resp.data.keyId;
console.log(keyID);
出现这种错误的原因是因为我注意到您在console.log()上发布的JWK帖子显示了不同符号的数据和keyId,“
和\”
,而整个数据
值都是字符串格式,因此您可能需要为另一个内部JSON结构翻译两次
根据我的猜测,第一个代码和第二个代码共享变量名,如果
$body
是同一个变量,那么从JSON格式拆分keyId
是一个非常简单的过程。我尝试了一些东西,我想我得到了:
$body = '{ "data": "{\"keyId\":\"eyJraWQiOiIzZyIsImFsZyI6IlJTMjU2In0.eyJmbHgiOnsicGF0aCI6Ii9mbGV4L3YxL3Rva2Vucz9mb3JtYXRcdTAwM2RKV0UiLCJkYXRhIjoiOFZ6WnhyUHd2b1dRb1I0QTVTRWNteEFBRUliNlJsT1YzdGU4UUxGdmEwb08wTEliWkhtWmE4Z2ZqT0lSWklmS1FaUElRYmhaZHVlRFNwQzZZZllUanF0cU94d2xtUVlQa1FzZUcrL05WUGlBbUZUdGtUNjlUbXAyb3pEOWJqT0NyVFlQIiwib3JpZ2luIjoiaHR0cHM6Ly90ZXN0ZmxleC5jeWJlcnNvdXJjZS5jb20iLCJqd2siOnsia3R5IjoiUlNBIiwiZSI6IkFRQUIiLCJ1c2UiOiJlbmMiLCJuIjoiaGNLRlU5UllCR0VwY1JyR3FQQ2J1U3BlOFdyeTRRUUNvMUdiRml4ZHdWMUtuN09BMHQtRDdXM2tvUjN6MDc3UndnYnBldTdvbV8xd0ZrRjVRLTBNeVNfdzk3TklmaVk1OVNLb3JqdWhfQmt2NHdJVGVUbm9LN2ZROHJyOTJSOUNKTFp6UFdlUVJPMDVxeWxiLVdVWUJvOU5sa2QwZHl6b2RlbEoxWVRzQ1JzYlRVc0ZRMUxKZHVIWWw0X3kzTF9FbnkwaG1mSFg5cll4U2ozamhmZVpZYVhYa0wtdERCa2k5VF9zXzhzb19RQjNLN29oR2tqSDU1TUQwRkdDNzVpRS1UcmtqNFd0cWNyYjI3S3BNSzdXWm1qSnJUMFE0bzlMMTBURXJvZE1HeEpfTm5IMGdSYmUwTFVSOWhaVnUzMG9tWkdrQVhfQXhUa1VJWktXQzZENkJ3Iiwia2lkIjoiMDd1SlMwT0dpR2pObzF6ejRTbGFpZUIzQkprSWc1bVAifX0sImN0eCI6W3siZGF0YSI6eyJ0YXJnZXRPcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6ODA4MiJdLCJtZk9yaWdpbiI6Imh0dHBzOi8vdGVzdGZsZXguY3liZXJzb3VyY2UuY29tIn0sInR5cGUiOiJtZi0wLjExLjAifV0sImlzcyI6IkZsZXggQVBJIiwiZXhwIjoxNTgwMTg5NDA2LCJpYXQiOjE1ODAxODg1MDYsImp0aSI6InNYYWNWSm43bkI1a1ZvSnIifQ.Hr-DwfFv-90bBtUWhACXwkhVFefh7fNOV9FS5Epu5fcL7Ji_pE9GHQIhaX5F31VM-EAOz55gG0eYnEu7ZAptR1mq3WgxNx3Af9ngKpbl4ZTb9cUxjGf3DdGJ1-J26aziJx3GcaZREfFyabDWbThyKlGTxSbnGHb7-UcQ_MPmh-znt_691y_gX9Qo8fe6XeJw8-Ir4XwwznjNLa31-EctYfnYUbfOnjR_8rfuFNnulvQecHs1e4zFVVAqm8mqex-umdlPbPUGT8xzYN-G0oLMdj3uMAAeSuyrdAifVXWSXyyyBHU5rIp-8anGWj_9RQrwvOH7MOIerV3Lej1-lEOxTw\",\"der\":null,\"jwk\":null}" }';
$body = json_decode($body, true);
$body = json_decode($body['data'], true);
$keyId = $body['keyId'];
既然您在其中标记了PHP,这就是我的服务器端答案
编辑:
你必须把你的
$body
变量变成一个字符串。在它周围加上引号。经过测试和确认,这是有效的。->访问对象值去年我放弃了这个,但不得不再次这样做,我没有看到你的答案,但这是我正在寻找的答案~~非常感谢你,抱歉太晚了!:D@jasieSorry我不够清楚。但是没错,第一个代码来自客户端,第二个代码来自服务器端。是的,他们共享变量名$body,其中包含上面的JWK响应。我尝试了这段代码,但在控制台日志中没有看到他们的keyID值,我仍然无法呈现iframe。``var captureContext=;var resp=JSON.parse(captureContext);var keyID=resp.keyID;console.log(keyID)“``谢谢您的回复!抱歉,这是我在代码keyID
的最后一部分中的错误,这是因为您在属性data
下有它。请再次检查,我已经编辑并修复了它。但是,出于安全原因,如果客户端的响应应该只包含keyID而不是完整的JWK数据,那么最好的方法是仍在从服务器端的整个JWK中拆分此ID。但是,我猜JWK是您尝试发送回客户端的正确API。顺便说一下,还有另一个不清楚的部分可能会导致错误,您为JWK粘贴的数据以{“data”:…}开头,后面的值是{“\keyId”\:“\…”\}。请注意,一个console.log()可能会输出类似于您发布的JWK的对象。嗯,我尝试了上面两个代码,但控制台日志中没有返回keyID值,iframe仍然无法呈现。如何从服务器端的整个JWK中分割keyID?我在下面尝试了,但我有未定义的索引:data,我收到了空JWK响应。$body=json\u decode($body,true)$body=json_decode($body['data']['keyId'],true);$keyId=$body['keyId'];如果这是服务器端的代码,我应该如何在客户端指定它?谢谢!您能尝试以下步骤并给出输出,这样我就可以告诉您密钥在哪里:a)console.log(captureContext);
b)console.log(json.parse)(captureContext));
c)console.log(JSON.parse(captureContext.data)<
var captureContext = <?php echo json_encode($body)?>;
var resp = JSON.parse(captureContext);
var respData = JSON.parse(resp.data);
var keyID = respData.keyId;
console.log(keyID);
$body = '{ "data": "{\"keyId\":\"eyJraWQiOiIzZyIsImFsZyI6IlJTMjU2In0.eyJmbHgiOnsicGF0aCI6Ii9mbGV4L3YxL3Rva2Vucz9mb3JtYXRcdTAwM2RKV0UiLCJkYXRhIjoiOFZ6WnhyUHd2b1dRb1I0QTVTRWNteEFBRUliNlJsT1YzdGU4UUxGdmEwb08wTEliWkhtWmE4Z2ZqT0lSWklmS1FaUElRYmhaZHVlRFNwQzZZZllUanF0cU94d2xtUVlQa1FzZUcrL05WUGlBbUZUdGtUNjlUbXAyb3pEOWJqT0NyVFlQIiwib3JpZ2luIjoiaHR0cHM6Ly90ZXN0ZmxleC5jeWJlcnNvdXJjZS5jb20iLCJqd2siOnsia3R5IjoiUlNBIiwiZSI6IkFRQUIiLCJ1c2UiOiJlbmMiLCJuIjoiaGNLRlU5UllCR0VwY1JyR3FQQ2J1U3BlOFdyeTRRUUNvMUdiRml4ZHdWMUtuN09BMHQtRDdXM2tvUjN6MDc3UndnYnBldTdvbV8xd0ZrRjVRLTBNeVNfdzk3TklmaVk1OVNLb3JqdWhfQmt2NHdJVGVUbm9LN2ZROHJyOTJSOUNKTFp6UFdlUVJPMDVxeWxiLVdVWUJvOU5sa2QwZHl6b2RlbEoxWVRzQ1JzYlRVc0ZRMUxKZHVIWWw0X3kzTF9FbnkwaG1mSFg5cll4U2ozamhmZVpZYVhYa0wtdERCa2k5VF9zXzhzb19RQjNLN29oR2tqSDU1TUQwRkdDNzVpRS1UcmtqNFd0cWNyYjI3S3BNSzdXWm1qSnJUMFE0bzlMMTBURXJvZE1HeEpfTm5IMGdSYmUwTFVSOWhaVnUzMG9tWkdrQVhfQXhUa1VJWktXQzZENkJ3Iiwia2lkIjoiMDd1SlMwT0dpR2pObzF6ejRTbGFpZUIzQkprSWc1bVAifX0sImN0eCI6W3siZGF0YSI6eyJ0YXJnZXRPcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6ODA4MiJdLCJtZk9yaWdpbiI6Imh0dHBzOi8vdGVzdGZsZXguY3liZXJzb3VyY2UuY29tIn0sInR5cGUiOiJtZi0wLjExLjAifV0sImlzcyI6IkZsZXggQVBJIiwiZXhwIjoxNTgwMTg5NDA2LCJpYXQiOjE1ODAxODg1MDYsImp0aSI6InNYYWNWSm43bkI1a1ZvSnIifQ.Hr-DwfFv-90bBtUWhACXwkhVFefh7fNOV9FS5Epu5fcL7Ji_pE9GHQIhaX5F31VM-EAOz55gG0eYnEu7ZAptR1mq3WgxNx3Af9ngKpbl4ZTb9cUxjGf3DdGJ1-J26aziJx3GcaZREfFyabDWbThyKlGTxSbnGHb7-UcQ_MPmh-znt_691y_gX9Qo8fe6XeJw8-Ir4XwwznjNLa31-EctYfnYUbfOnjR_8rfuFNnulvQecHs1e4zFVVAqm8mqex-umdlPbPUGT8xzYN-G0oLMdj3uMAAeSuyrdAifVXWSXyyyBHU5rIp-8anGWj_9RQrwvOH7MOIerV3Lej1-lEOxTw\",\"der\":null,\"jwk\":null}" }';
$body = json_decode($body, true);
$body = json_decode($body['data'], true);
$keyId = $body['keyId'];