Fatal编程技术网
  • jwt/
  • 使用RSA密钥对JWT签名时签名无效https://jwt.io/

使用RSA密钥对JWT签名时签名无效https://jwt.io/

jwt

使用RSA密钥对JWT签名时签名无效https://jwt.io/,jwt,rsa,jwk,Jwt,Rsa,Jwk,嗨,我正在通过邮递员测试一些api 注册API-它接受公钥并存储在服务器中。要获取公钥,我使用https://mkjwk.org/。它生成一个包含公钥和私钥的密钥。下面是生成的密钥: { "kty": "RSA", "d": "HgP6c8xA3D_-8DKgSk3fQ_FZuPj2RNSFE5NLfGz3GJjkyt9fzOPztNObQmLZ2EoJzPrYL8ljk-1mKGIr5Ma1n4TPX_kQ9JErq9wNyhMUTykQ8PqjMuxmUpddn43RZ27VPjvU

嗨,我正在通过邮递员测试一些api

  • 注册API-它接受公钥并存储在服务器中。要获取公钥,我使用
    https://mkjwk.org/
    。它生成一个包含公钥和私钥的密钥。下面是生成的密钥:

    {
  "kty": "RSA",
  "d": "HgP6c8xA3D_-8DKgSk3fQ_FZuPj2RNSFE5NLfGz3GJjkyt9fzOPztNObQmLZ2EoJzPrYL8ljk-1mKGIr5Ma1n4TPX_kQ9JErq9wNyhMUTykQ8PqjMuxmUpddn43RZ27VPjvUvHMulk5hPBFv0uH3LnDsM1xn34icj40y4zcRTYXwixqDgj74Ua_9aaZwPXX06Ykc3vzC5M4F5JP4ZjuLTFjmM8jxzJpu4JNDncXwhHE5Xtv3t1oezXTHNZdRzyTTtFLOeyYeLt5WWM-y549du3hsUtvgNnJ4JTS4uEHEonDMW8CV5ZzoQE8F81LT5Q84coYzOjVlzC50w7st3vLFYQ",
  "e": "AQAB",
  "use": "sig",
  "kid": "sdk291",
  "alg": "RS256",
  "n": "0h5Pgw32t3NtODVj1UrNkk90RytZBz2T09JBEo1NwYtw0T7NM3SrFsleLK8e_DknE26rB8EXD2T1YmUSuseuWvW-LPdwbk--SrKo8Df1H5ff5hDZYJ_x-NPDJ_ZmoY7r2U83aGY-DubilufhDf6icB2auTGxBvVylAl5Jdf7UBsjHAWrgWAtFFvnkbcaUk1O7ZA8nS4Iyk4l8vVsoUOJCSRrysceObAOG-EYj1UfdzOBZsuSj5Usst6ebRjF9M1VNJOLcvm6EiAqazayyqbsengnA-hqUGRgfd6HXXZ5Hg4BU_srPVBXrVmx81azHY5lRUdZr_Khtw4O0Zy3UIwMWw"
    }

    • 我只将公钥部分发送到此API,此API工作正常

  • 使用JWTAPI获取访问令牌-这需要一个JWT,它将与一些声明一起创建。我们必须使用RSA公钥和私钥对其进行签名。我在签署JWT时面临问题。 为了从上述JWK中获取公钥和私钥的text/pem版本,我使用
    https://8gwifi.org/jwkconvertfunctions.jsp
    。这为我们提供了以下公钥和私钥

        -----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h5Pgw32t3NtODVj1UrN
kk90RytZBz2T09JBEo1NwYtw0T7NM3SrFsleLK8e/DknE26rB8EXD2T1YmUSuseu
WvW+LPdwbk++SrKo8Df1H5ff5hDZYJ/x+NPDJ/ZmoY7r2U83aGY+DubilufhDf6i
cB2auTGxBvVylAl5Jdf7UBsjHAWrgWAtFFvnkbcaUk1O7ZA8nS4Iyk4l8vVsoUOJ
CSRrysceObAOG+EYj1UfdzOBZsuSj5Usst6ebRjF9M1VNJOLcvm6EiAqazayyqbs
engnA+hqUGRgfd6HXXZ5Hg4BU/srPVBXrVmx81azHY5lRUdZr/Khtw4O0Zy3UIwM
WwIDAQAB
-----END PUBLIC KEY-----


-----BEGIN RSA PRIVATE KEY-----
MIICHgIBAAKCAQEA0h5Pgw32t3NtODVj1UrNkk90RytZBz2T09JBEo1NwYtw0T7N
M3SrFsleLK8e/DknE26rB8EXD2T1YmUSuseuWvW+LPdwbk++SrKo8Df1H5ff5hDZ
YJ/x+NPDJ/ZmoY7r2U83aGY+DubilufhDf6icB2auTGxBvVylAl5Jdf7UBsjHAWr
gWAtFFvnkbcaUk1O7ZA8nS4Iyk4l8vVsoUOJCSRrysceObAOG+EYj1UfdzOBZsuS
j5Usst6ebRjF9M1VNJOLcvm6EiAqazayyqbsengnA+hqUGRgfd6HXXZ5Hg4BU/sr
PVBXrVmx81azHY5lRUdZr/Khtw4O0Zy3UIwMWwIBAAKCAQAeA/pzzEDcP/7wMqBK
Td9D8Vm4+PZE1IUTk0t8bPcYmOTK31/M4/O005tCYtnYSgnM+tgvyWOT7WYoYivk
xrWfhM9f+RD0kSur3A3KExRPKRDw+qMy7GZSl12fjdFnbtU+O9S8cy6WTmE8EW/S
4fcucOwzXGffiJyPjTLjNxFNhfCLGoOCPvhRr/1ppnA9dfTpiRze/MLkzgXkk/hm
O4tMWOYzyPHMmm7gk0OdxfCEcTle2/e3Wh7NdMc1l1HPJNO0Us57Jh4u3lZYz7Ln
j127eGxS2+A2cnglNLi4QcSicMxbwJXlnOhATwXzUtPlDzhyhjM6NWXMLnTDuy3e
8sVhAgEAAgEAAgEAAgEAAgEA
-----END RSA PRIVATE KEY-----
    • 我拿着这些钥匙去
    https://jwt.io/
    ,然后用我所需的值更新标题和有效负载。 标题:

    有效载荷:

            {
      "iss": "e9064e3cb1cc445cb2095f3dc675b4gf",
      "sub": "e9064e3cb1cc445cb2095f3dc675b4gf",
      "aud": [
        "southgate"
      ],
      "iat": 1543469348,
      "nbf": 1543469348,
      "exp": 1543517174,
      "jti": "a6fb0873-8653-4923-be47-e53e0acabb35",
      "schemas": [
        "urn:x:y:v1"
      ],
      "ten": "myTen"
    }
    在此之后,当我从上面对包含公钥和私钥的JWT进行签名时,它不会生成JWT令牌,并给出“无效签名”错误。因此,我无法生成作为第二个API输入所需的签名JWT

    PS-我现在处于测试阶段。因此,我没有编写任何代码来测试api,并且只使用在线生成器工具

    请告诉我如何解决这个问题

            {
      "iss": "e9064e3cb1cc445cb2095f3dc675b4gf",
      "sub": "e9064e3cb1cc445cb2095f3dc675b4gf",
      "aud": [
        "southgate"
      ],
      "iat": 1543469348,
      "nbf": 1543469348,
      "exp": 1543517174,
      "jti": "a6fb0873-8653-4923-be47-e53e0acabb35",
      "schemas": [
        "urn:x:y:v1"
      ],
      "ten": "myTen"
    }