How can I publish and consume keys from a URL?
I want to expose the public keys at a URL, and I think it goes like this:
return keySet.toJson(OutputControlLevel.PUBLIC_ONLY);
But when I try to consume them from the URL:
HttpsJwks keyUrl = new HttpsJwks("https://dmdcggwvwj.execute-api.ca-central-1.amazonaws.com/authBeta/z/key");
List<JsonWebKey> keySet = keyUrl.getJsonWebKeys();
I get this exception:
java.lang.ClassCastException: java.lang.String cannot be cast to org.jose4j.json.JsonUtil$DupeKeyDisallowingLinkedHashMap
What am I missing here?
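The content returned from https://dmdcggwvwj.execute-api.ca-central-1.amazonaws.com/authBeta/z/key looks like the following, with all the quotes escaped (it appears to have gone through a round of JSON escaping or processing):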
"{\"keys\":[{\"kty\":\"RSA\",\"n\":\"iCSHtMjeCc0RTNw1uVAlciaBtGOgOV7dhtbbjfzfWYdVxQN9tB4Z0gI_4nIcrzLvzg_Sm_iJKUsZuU29JM0tgFvXwfb_pkFL8E7HmbiKaLtL8QofGHkGPbCTCyJ-8YPu3uVLgUmyCKGmShBqWIm_VOSGGivZwYjK4-ONbYC5DrVO0yIzRKnF7ZtfCCxVkkI3D8_-_0anViVmSnsQimLCFfPJwgOmoRFFZENQOFYEyHmGTcQkDEDDePvWAwb32FTZBKgs09CuLiP-n7GhqtUW6RbnL8hwPm9GlLEYa3MahjVEeI23j6r_dlttzVZyW99gXdUUqrkRmrRrYOJnmtQzKQ\",\"e\":\"AQAB\"}]}"
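The small JSON parser in jose4j parses the whole thing as a single string. The error message could be a lot better, but basically it expects a JSON object that will be parsed into a Map, and it fails when casting the parsed object to a Map.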
Whereas the output directly from keySet.toJson(OutputControlLevel.PUBLIC_ONLY) would look like this:
{"keys":[{"kty":"RSA","n":"iCSHtMjeCc0RTNw1uVAlciaBtGOgOV7dhtbbjfzfWYdVxQN9tB4Z0gI_4nIcrzLvzg_Sm_iJKUsZuU29JM0tgFvXwfb_pkFL8E7HmbiKaLtL8QofGHkGPbCTCyJ-8YPu3uVLgUmyCKGmShBqWIm_VOSGGivZwYjK4-ONbYC5DrVO0yIzRKnF7ZtfCCxVkkI3D8_-_0anViVmSnsQimLCFfPJwgOmoRFFZENQOFYEyHmGTcQkDEDDePvWAwb32FTZBKgs09CuLiP-n7GhqtUW6RbnL8hwPm9GlLEYa3MahjVEeI23j6r_dlttzVZyW99gXdUUqrkRmrRrYOJnmtQzKQ","e":"AQAB"}]}
which jose4j can parse/process.
I think you need to look at what is happening at the authBeta/z/key endpoint, then find and stop the extra escaping.
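The diagnosis above can be turned into a check to run against a JWKS endpoint's response body before pointing HttpsJwks at it. This is an added example, not code from the original answer or from jose4j; the class name JwksBodyCheck, the Verdict enum and the classify method are hypothetical, and the sample key is generated on the spot rather than taken from the page.

```java
import java.util.Map;
import org.jose4j.json.JsonUtil;
import org.jose4j.jwk.JsonWebKey.OutputControlLevel;
import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jwk.RsaJwkGenerator;
import org.jose4j.lang.JoseException;

public class JwksBodyCheck {
    enum Verdict { VALID_JWKS, DOUBLE_ENCODED_JWKS, NOT_A_JWKS }

    // Classify a response body: a JWKS object, a JWKS that was JSON-encoded
    // a second time (a top-level JSON string), or something else entirely.
    static Verdict classify(String body) {
        try {
            new JsonWebKeySet(body); // jose4j's own JWKS parser
            return Verdict.VALID_JWKS;
        } catch (JoseException | RuntimeException e) {
            // Includes the ClassCastException from the question; keep checking.
        }
        try {
            // Wrap the body in an object so that a top-level JSON string
            // becomes an ordinary map value that can be inspected.
            Map<String, Object> wrapped = JsonUtil.parseJson("{\"v\":" + body + "}");
            Object inner = wrapped.get("v");
            if (inner instanceof String) {
                new JsonWebKeySet((String) inner); // is the decoded string itself a JWKS?
                return Verdict.DOUBLE_ENCODED_JWKS;
            }
        } catch (JoseException | RuntimeException e) {
            // Not valid JSON, or the inner string is not a JWKS.
        }
        return Verdict.NOT_A_JWKS;
    }

    public static void main(String[] args) throws JoseException {
        // Constructed sample: a freshly generated key, published as on the page.
        JsonWebKeySet keySet = new JsonWebKeySet(RsaJwkGenerator.generateJwk(2048));
        String published = keySet.toJson(OutputControlLevel.PUBLIC_ONLY);

        // Simulate an endpoint that JSON-encodes the serialized string again.
        String escaped = "\"" + published.replace("\\", "\\\\").replace("\"", "\\\"") + "\"";

        System.out.println("direct toJson output: " + classify(published));
        System.out.println("re-encoded body:      " + classify(escaped));
        System.out.println("HTML error page:      " + classify("<html>error</html>"));
    }
}
```

A DOUBLE_ENCODED_JWKS verdict is a signal to fix the publishing endpoint; the consumer should not unwrap the string and carry on.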