英文:
Can't validate JWT token
问题
我只会翻译代码部分,以下是翻译好的代码:
我只想做的是生成一个新的密钥,创建JWT令牌,然后验证它。
package main
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/x509"
"encoding/base64"
"fmt"
"log"
"time"
"github.com/golang-jwt/jwt/v4"
)
func main() {
key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
log.Fatalln(err)
return
}
privateK, err := x509.MarshalECPrivateKey(key)
if err != nil {
log.Fatalln(err)
return
}
claims := jwt.MapClaims{}
claims["authorized"] = true
claims["user_id"] = 10
claims["exp"] = time.Now().Add(time.Hour * time.Duration(1)).Unix()
t := jwt.NewWithClaims(jwt.SigningMethodES256, claims)
tokenStr, err := t.SignedString(key)
if err != nil {
log.Fatalln(err)
return
}
fmt.Printf("Secret: %s\n", base64.StdEncoding.EncodeToString(privateK))
fmt.Printf("Token: %s\n", tokenStr)
// 验证令牌
_, err = jwt.Parse(tokenStr, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodECDSA); !ok {
return nil, fmt.Errorf("unexpected signing method %v", token.Header["alg"])
}
return key, nil
})
if err != nil {
log.Fatalf("Token is invalid %v", err)
} else {
fmt.Println("Token is valid")
}
}
我得到的错误信息是Token is invalid: key is of invalid type。我做错了什么?
英文:
All I wanted to do, is to generate a new secret key, create JWT token and then validate it.
package main
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/x509"
"encoding/base64"
"fmt"
"log"
"time"
"github.com/golang-jwt/jwt/v4"
)
func main() {
key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
log.Fatalln(err)
return
}
privateK, err := x509.MarshalECPrivateKey(key)
if err != nil {
log.Fatalln(err)
return
}
claims := jwt.MapClaims{}
claims["authorized"] = true
claims["user_id"] = 10
claims["exp"] = time.Now().Add(time.Hour * time.Duration(1)).Unix()
t := jwt.NewWithClaims(jwt.SigningMethodES256, claims)
tokenStr, err := t.SignedString(key)
if err != nil {
log.Fatalln(err)
return
}
fmt.Printf("Secret: %s\n", base64.StdEncoding.EncodeToString(privateK))
fmt.Printf("Token: %s\n", tokenStr)
// Validate token
_, err = jwt.Parse(tokenStr, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodECDSA); !ok {
return nil, fmt.Errorf("unexpected signing method %v", token.Header["alg"])
}
return key, nil
})
if err != nil {
log.Fatalf("Token is invalid %v", err)
} else {
fmt.Println("Token is valid")
}
}
And I get Token is invalid: key is of invalid type. What I'm doing wrong?
答案1
得分: 1
根据文档中的说明:
ECDSA签名方法(ES256、ES384、ES512)需要使用ecdsa.PrivateKey进行签名,使用ecdsa.PublicKey进行验证。
你的keyfunc返回的是一个*edcsa.PrivateKey,与上述要求不匹配。要修复这个问题,请将return key, nil更改为return &key.PublicKey, nil(playground)。
英文:
As per the docs
>The ECDSA signing method (ES256,ES384,ES512) expect *ecdsa.PrivateKey for signing and *ecdsa.PublicKey for validation
Your keyfunc is returning a *edcsa.PrivateKey which does not match the above. To fix this change return key, nil to return &key.PublicKey, nil (playground).
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论