签署有效载荷时出错(JWT、jsrsasign)
Error signing payload (JWT, jsrsasign)
我正在使用 jsrsasign 创建 JWT。按照教程 here 我做了以下操作:
// Header
var oHeader = {alg: 'RS256', typ: 'JWT'};
// Payload
var oPayload = {};
var tNow = KJUR.jws.IntDate.get('now');
var tEnd = KJUR.jws.IntDate.get('now + 1day');
oPayload.iss = "http://foo.com";
oPayload.sub = "mailto:mike@foo.com";
oPayload.nbf = tNow;
oPayload.iat = tNow;
oPayload.exp = tEnd;
oPayload.jti = "id123456";
oPayload.aud = "http://foo.com/employee";
var sHeader = JSON.stringify(oHeader);
var sPayload = JSON.stringify(oPayload);
var pbKey = KEYUTIL.getKey("-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+bg0doaHG2Pg/WplPgc0\nstTEdPyuNqD6jhvCOLrnq01R1M8QoBgiOmKhYUJrti/hybXSqp9uTp61dGPQ4KUU\nP7r4vjwzBYXzSUiS7YfCdWbX6bY8MW7eFXf3EADgNCi6NUBsTpOwKVyJuHFMxWFy\nR2Z9Pdw4gUuCrIqWaoGARIJ0Tkf5zT99C8AuwcJ46fZqPs6cNHtUaNu/CdXcgtPA\n3iXIXBZqlBkKPaNE6ATjtIUHftZhOx0aQLUDm2skbDmDre78R7GKNXPUWknfw7xV\nMpa93zYckxjce2MYNDbvmsK4gbzwm8zxYp+o0eMobOq7xe5hy/sRFbbHOZTqQWtp\nrwIDAQAB\n-----END PUBLIC KEY-----\n");
var sJWT = KJUR.jws.JWS.sign("RS256", sHeader, sPayload, pbKey);
console.log(sJWT);
我使用 Ruby jwt gem 生成了 public 密钥,如下所示:
rsa_private = OpenSSL::PKey::RSA.generate 2048
rsa_public = rsa_private.public_key
public_key = rsa_public.to_pem
我在签署负载时不断收到以下错误:
"error"
"Uncaught Signature: unsupported public key alg: rsa (line 24)"
我做错了什么?
这是给 JS Bin 的link:http://jsbin.com/yehiyo/edit?js,console
你做错的地方很简单。您编写的代码是正确的。但是,您不能使用 public 密钥签署 JWT。为此,您需要使用 private 密钥。当你生成你的密钥对时,你应该得到一个看起来类似于 public 密钥的文件,但是有 BEGIN PRIVATE RSA KEY,等等
这将解决您的问题。祝你好运。
我正在使用 jsrsasign 创建 JWT。按照教程 here 我做了以下操作:
// Header
var oHeader = {alg: 'RS256', typ: 'JWT'};
// Payload
var oPayload = {};
var tNow = KJUR.jws.IntDate.get('now');
var tEnd = KJUR.jws.IntDate.get('now + 1day');
oPayload.iss = "http://foo.com";
oPayload.sub = "mailto:mike@foo.com";
oPayload.nbf = tNow;
oPayload.iat = tNow;
oPayload.exp = tEnd;
oPayload.jti = "id123456";
oPayload.aud = "http://foo.com/employee";
var sHeader = JSON.stringify(oHeader);
var sPayload = JSON.stringify(oPayload);
var pbKey = KEYUTIL.getKey("-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+bg0doaHG2Pg/WplPgc0\nstTEdPyuNqD6jhvCOLrnq01R1M8QoBgiOmKhYUJrti/hybXSqp9uTp61dGPQ4KUU\nP7r4vjwzBYXzSUiS7YfCdWbX6bY8MW7eFXf3EADgNCi6NUBsTpOwKVyJuHFMxWFy\nR2Z9Pdw4gUuCrIqWaoGARIJ0Tkf5zT99C8AuwcJ46fZqPs6cNHtUaNu/CdXcgtPA\n3iXIXBZqlBkKPaNE6ATjtIUHftZhOx0aQLUDm2skbDmDre78R7GKNXPUWknfw7xV\nMpa93zYckxjce2MYNDbvmsK4gbzwm8zxYp+o0eMobOq7xe5hy/sRFbbHOZTqQWtp\nrwIDAQAB\n-----END PUBLIC KEY-----\n");
var sJWT = KJUR.jws.JWS.sign("RS256", sHeader, sPayload, pbKey);
console.log(sJWT);
我使用 Ruby jwt gem 生成了 public 密钥,如下所示:
rsa_private = OpenSSL::PKey::RSA.generate 2048
rsa_public = rsa_private.public_key
public_key = rsa_public.to_pem
我在签署负载时不断收到以下错误:
"error"
"Uncaught Signature: unsupported public key alg: rsa (line 24)"
我做错了什么?
这是给 JS Bin 的link:http://jsbin.com/yehiyo/edit?js,console
你做错的地方很简单。您编写的代码是正确的。但是,您不能使用 public 密钥签署 JWT。为此,您需要使用 private 密钥。当你生成你的密钥对时,你应该得到一个看起来类似于 public 密钥的文件,但是有 BEGIN PRIVATE RSA KEY,等等
这将解决您的问题。祝你好运。