英文:
How can I get expire date from jwt token in go?
问题
我有一个JWT令牌,并且我能够在https://jwt.io/网站上看到解码后的令牌。它不需要我设置任何密钥或声明。因此,我正在寻找一种在不提供任何密钥的情况下解码令牌以获取过期日期的方法。
我正在使用库gopkg.in/square/go-jose.v2/jwt,以下是我的代码:
token, err := jwt.ParseSigned(jwtToken)
返回的值token有一个Header字段,其中包括KeyId和Algorithm,但它不给我过期日期。
我在这个主题上进行了搜索,人们说使用github.com/auth0/go-jwt-middleware/v2/validator库,但它需要设置密钥/秘密。解析令牌的过期日期是否需要密钥?网站https://jwt.io/是如何知道过期日期的呢?
英文:
I have a jwt token and I am able to see the decoded token in https://jwt.io/ website. It doesn't require me to setup any secret or claims. so I am looking for a way to decode the token to get expire date without providing any secret.
I am using the library gopkg.in/square/go-jose.v2/jwt and below is my code:
token, err := jwt.ParseSigned(jwtToken)
the returned value token has a Header field which includes KeyId, Algorithm but it doesn't give me expire date.
I have searched on this topic and people say using github.com/auth0/go-jwt-middleware/v2/validator library but it requires setting up key/secret. Is secret required for parsing the expire date from the token. How does the website https://jwt.io/ knows the expire date?
答案1
得分: 0
使用来自jwt.io的示例JWT令牌,这段代码解析并提取声明,而不验证签名:
func main() {
raw := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
t, err := jwt.ParseSigned(raw)
if err != nil {
panic(err)
}
var claims map[string]any
if err := t.UnsafeClaimsWithoutVerification(&claims); err != nil {
panic(err)
}
fmt.Println(claims)
}
在此示例中,到期时间应该作为claims映射中的一个字段出现。要提取它,使用exp, ok := claims["expire"](根据确切的名称而定)。
英文:
Using the sample JWT token from jwt.io, this code parses and retrieves the claims without verifying the signature:
func main() {
raw := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
t, err := jwt.ParseSigned(raw)
if err != nil {
panic(err)
}
var claims map[string]any
if err := t.UnsafeClaimsWithoutVerification(&claims); err != nil {
panic(err)
}
fmt.Println(claims)
}
The expiration should appear as one of the fields in the claims map in this example. To retrieve it, use exp, ok := claims["expire"] (depending on the exact name).
答案2
得分: 0
根据Peter的回答,过期时间在Claims结构体中,如果你正在使用jose库,也许以下步骤可以帮到你:
// 创建JWT声明结构体,通常用于编码和解码令牌
type JWTClaim struct {
*jwt.Claims
}
// 解码JWT令牌
parsedJwt, err := jwt.ParseSigned(rawToken)
result := JWTClaim{}
err := parsedJwt.Claims(key, &result)
expiryAt := result.ExpiresAt
mytime := time.Unix(expiryAt, 0)
fmt.Println(mytime)
我还不确定这个答案是否正确,但你可以尝试一下。我正在使用的jwt包是golang-jwt,还没有尝试过go-jose。
英文:
Based on Peter answer, the expires is in the Claims struct, if you are using jose library, maybe this step can help:
//create struct jwt claim, it usually for encode and decode token
type JWTClaim struct {
*jwt.Claims
}
//decode the jwt token
parsedJwt, err := jwt.ParseSigned(rawToken)
result := JWTClaim{}
err := parsedJwt.Claims(key, &result)
expiryAt := result.ExpiresAt
mytime := time.Unix(expiryAt, 0)
fmt.Println(mytime)
I'm still not sure about the answer, but you can try it. jwt package that I'm using is golang-jwt, haven't try go-jose yet.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论