我使用jsrsasign创建JWT。在教程here之后,我做了以下内容:
// Header
var oHeader = {alg: 'RS256', typ: 'JWT'};
// Payload
var oPayload = {};
var tNow = KJUR.jws.IntDate.get('now');
var tEnd = KJUR.jws.IntDate.get('now + 1day');
oPayload.iss = "http://foo.com";
oPayload.sub = "mailto:mike@foo.com";
oPayload.nbf = tNow;
oPayload.iat = tNow;
oPayload.exp = tEnd;
oPayload.jti = "id123456";
oPayload.aud = "http://foo.com/employee";
var sHeader = JSON.stringify(oHeader);
var sPayload = JSON.stringify(oPayload);
var pbKey = KEYUTIL.getKey("-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+bg0doaHG2Pg/WplPgc0\nstTEdPyuNqD6jhvCOLrnq01R1M8QoBgiOmKhYUJrti/hybXSqp9uTp61dGPQ4KUU\nP7r4vjwzBYXzSUiS7YfCdWbX6bY8MW7eFXf3EADgNCi6NUBsTpOwKVyJuHFMxWFy\nR2Z9Pdw4gUuCrIqWaoGARIJ0Tkf5zT99C8AuwcJ46fZqPs6cNHtUaNu/CdXcgtPA\n3iXIXBZqlBkKPaNE6ATjtIUHftZhOx0aQLUDm2skbDmDre78R7GKNXPUWknfw7xV\nMpa93zYckxjce2MYNDbvmsK4gbzwm8zxYp+o0eMobOq7xe5hy/sRFbbHOZTqQWtp\nrwIDAQAB\n-----END PUBLIC KEY-----\n");
var sJWT = KJUR.jws.JWS.sign("RS256", sHeader, sPayload, pbKey);
console.log(sJWT);
我使用Ruby jwt gem生成公钥,如下所示:
rsa_private = OpenSSL::PKey::RSA.generate 2048
rsa_public = rsa_private.public_key
public_key = rsa_public.to_pem
签署有效负载时,我一直收到以下错误:
"error"
"Uncaught Signature: unsupported public key alg: rsa (line 24)"
我做错了什么?
这里是JS Bin的链接:http://jsbin.com/yehiyo/edit?js,console
答案 0 :(得分:4)
你做错了很简单。你写的代码是正确的。但是,您不能使用 public 键对JWT进行签名。您需要使用私有键。生成密钥对时,您应该获得一个看起来类似于公钥的文件,但使用BEGIN PRIVATE RSA KEY等等。
这将解决您的问题。祝你好运。