Keycloak Keyclope JWT离线验证

Keycloak Keyclope JWT离线验证,keycloak,Keycloak,因此,我想实现keydape JWT令牌的离线验证。离线验证通过获取JWT令牌的签名部分并应用服务器的公钥来验证签名来实现。描述了该过程 然而,我面临一个问题,即keydove创建的令牌不能通过使用服务器的公钥进行验证。为了快速验证,我使用这个 下面是我的例子: 我通过KeyClope的身份验证并获得了一个访问令牌: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJMdTZNY1h4M3ZOeVkydjVwREpDMVBFaUpUUjJSbm

因此,我想实现keydape JWT令牌的离线验证。离线验证通过获取JWT令牌的签名部分并应用服务器的公钥来验证签名来实现。描述了该过程

然而,我面临一个问题,即keydove创建的令牌不能通过使用服务器的公钥进行验证。为了快速验证,我使用这个

下面是我的例子:

我通过KeyClope的身份验证并获得了一个访问令牌:

eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJMdTZNY1h4M3ZOeVkydjVwREpDMVBFaUpUUjJSbmc0S0lrSG54NnBtUjNjIn0.eyJqdGkiOiI5ODhkMmVkZS00NmZlLTRjN2EtODk3Ny1hMDA2NGEwMzMyYmIiLCJleHAiOjE1Njk5NjU2MzYsIm5iZiI6MCwiaWF0IjoxNTY5OTM2ODM2LCJpc3MiOiJodHRwOi8vbHVja3kubGhzLXN5c3RlbXMuY29tOjE4MDgwL2F1dGgvcmVhbG1zL0JTQ1MiLCJhdWQiOiJic2NzY2xpZW50Iiwic3ViIjoiNWUyMjJlY2UtZmEyMC00Y2Q4LTk4M2MtY2YyOGNiN2MxNjliIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiYnNjc2NsaWVudCIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6Ijk5Y2IxMTVlLTE4MTItNDAyYi1hZmFkLWYwOWU1M2VlZDkxMCIsImFjciI6IjEiLCJyZXNvdXJjZV9hY2Nlc3MiOnsiYnNjc2NsaWVudCI6eyJyb2xlcyI6WyJ1bWFfcHJvdGVjdGlvbiIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwiYXV0aG9yaXphdGlvbiI6eyJwZXJtaXNzaW9ucyI6W3sicnNpZCI6Ijc2MjRmMWRmLTVlNTYtNGIzOS1hMjg4LWZhN2MzYmI2YjFmYyIsInJzbmFtZSI6IkRlZmF1bHQgUmVzb3VyY2UifV19LCJzY29wZSI6InByb2ZpbGUgZW1haWwiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsIm5hbWUiOiJBdXRvdGVzdCBBdXRvdGVzdCIsInByZWZlcnJlZF91c2VybmFtZSI6ImF1dCIsImdpdmVuX25hbWUiOiJBdXRvdGVzdCIsImZhbWlseV9uYW1lIjoiQXV0b3Rlc3QifQ.douJsDyObXAKylBexZCTQvEU5v3OY5xJtfNxnUhwDpIOoN1lpw7Tdxwf3jsEWi-ZTKVzV3H1zjhorPCs02tAjjpH9bDQHQmSBtn4R8V2dbXbIedBxK0kl_YfnrYTFPX66lQTpHWoWP9qngxoEqOJcFSnDFnPHwwz774PUZdqPA4FZOwb02LxDtUVKdBfM_bI41LDD2Nsvc_sKuTVuq_dbST3CqjlapAo-Q61vgSoH1zMtCGy9XUBOs1nhyeDhAaGVGcPYD3RwqYuRkfKPl0BuuB_5D8Z1xaEp-1G8M06vMIW0HpESp-NUTUb30rGib5EmAlW3rT6M2_8B6oUUtGhhA
JWT令牌已使用
kid
生成:
Lu6McXx3vNyY2v5pDJC1PEiJTR2Rng4KIkHnx6pmR3c
。 因此,在我的KeyClope安装中,具有此ID的密钥具有公钥:

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk9p0QOXtnzsQIVviM4kEoIGtewKAqUG9CtlQ6Esd6Z2RMu5qvQb8iBQVvkiFSHXGEd3kJqY3H7KZk+pkFuoQSdsLqGM5UhPeMjk2pIog0n0lXDxcd6Ff8hywmiIgfIWJW5DeDwvGTPLR1BiLPiina2qemACwUk5VCVdRzr2ob712PohcyNIa34PasPI1kBve0ks/wKNZK5vnGDPC6orFlJL48t2e2gB0Lz5rAJ1l2MJ+tV3cXjjB5wh62cWyJ/xYThGsK48vaXciTRVn8/sZRoJA4c+ZLKg28YOry9zHnAO8B+mj17Nj5Chpat6iYv00pqA0lMxiiQeK6yXxT6cswIDAQAB
相应的证书:

MIIClzCCAX8CBgFrVaYX1jANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARCU0NTMB4XDTE5MDYxNDEwNTkzNloXDTI5MDYxNDExMDExNlowDzENMAsGA1UEAwwEQlNDUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIJPadEDl7Z87ECFb4jOJBKCBrXsCgKlBvQrZUOhLHemdkTLuar0G/IgUFb5IhUh1xhHd5CamNx+ymZPqZBbqEEnbC6hjOVIT3jI5NqSKINJ9JVw8XHehX/IcsJoiIHyFiVuQ3g8Lxkzy0dQYiz4op2tqnpgAsFJOVQlXUc69qG+9dj6IXMjSGt+D2rDyNZAb3tJLP8CjWSub5xgzwuqKxZSS+PLdntoAdC8+awCdZdjCfrVd3F44wecIetnFsif8WE4RrCuPL2l3Ik0VZ/P7GUaCQOHPmSyoNvGDq8vcx5wDvAfpo9ezY+QoaWreomL9NKagNJTMYokHiusl8U+nLMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEACJ2h6p7b9j8MPJPhvEp00WoT3kv0r3WS/8CFDPugV6WPrEexGO8aCOmn5/4GqoVGux6whnAxEZIQrTtufnMg+LCV5kEhOrHOuM2JHcA/AmkMOSXnnJXlH1gwYvOa1LV0rWxOiWvVI1bsK4Q3gelZu8CEVxluN0SU/g/9tkntFmXqARHl7BEVuBCnnEje8rVonDctmUzsb97DzXVFIIP3sUIq0B+1M3u0+Nm008u30FrZ7OOJm7qXC0KR9XOkqcTYga/4dDJ2h25bpulgFU/c0VYxCRbs+5zEij5RGbj8pW3XayPyNndNH6E00zwOeEgaBajOx+JLchg9hPKGOdeQuw==
此时,似乎无法使用密钥或证书验证令牌。。。我是否需要在KeyClope中设置一些设置以启用脱机验证?或者这是jwt.io服务上的错误?离线验证KeyClope jwt令牌的正确方法是什么


提前谢谢你

这个问题实际上出现在jwt.io网站上。您必须按如下方式输入公钥:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk9p0QOXtnzsQIVviM4kEoIGtewKAqUG9CtlQ6Esd6Z2RMu5qvQb8iBQVvkiFSHXGEd3kJqY3H7KZk+pkFuoQSdsLqGM5UhPeMjk2pIog0n0lXDxcd6Ff8hywmiIgfIWJW5DeDwvGTPLR1BiLPiina2qemACwUk5VCVdRzr2ob712PohcyNIa34PasPI1kBve0ks/wKNZK5vnGDPC6orFlJL48t2e2gB0Lz5rAJ1l2MJ+tV3cXjjB5wh62cWyJ/xYThGsK48vaXciTRVn8/sZRoJA4c+ZLKg28YOry9zHnAO8B+mj17Nj5Chpat6iYv00pqA0lMxiiQeK6yXxT6cswIDAQAB
-----END PUBLIC KEY-----
这样,服务将正确验证jwt令牌