1. 首页
  2. 问答
  3. 带公钥/私钥的java-jwt

带公钥/私钥的java-jwt

2016-06-09 153 views
1

Auth0提供两个JWT库,一个用于节点:node-jsonwebtoken,另一个用于Java:java-jwt带公钥/私钥的java-jwt

我创建的私有/公共密钥对,并与node-jsonwebtoken用它成功地在节点:

var key = fs.readFileSync('private.key'); 
var pem = fs.readFileSync('public.pem'); 

var header = {...}; 
var payload = {...}; 

header.algorithm = "RS256"; 
var message = jsonwebtoken.sign(payload, key, header); 
var decoded = jsonwebtoken.verify(message, pem, {algorithm: "RS256"});

但我没有发现任何与java-jwt做在Java中相同的方式。

任何人对如何在Java中使用私有/公共密钥对JWT工作的例子吗?

来源

2016-06-09 Predrag Stojadinović

回答

1

这个特定的库不支持它。但是你可以检查其他人的Java。在这里看到:https://jwt.io/

来源

2016-06-09 15:33:34

+0

我很害怕,答案:(但感谢的话。 –

2

我用下面的代码为智威汤逊在Java中。尝试一下。

import java.security.KeyPair; 
import java.security.KeyPairGenerator; 
import java.security.PrivateKey; 
import java.security.PublicKey; 
import java.util.Date; 
import java.util.HashMap; 
import java.util.Map; 

import io.jsonwebtoken.Claims; 
import io.jsonwebtoken.Jwts; 
import io.jsonwebtoken.SignatureAlgorithm; 

public class JWTJavaWithPublicPrivteKey { 

    public static void main(String[] args) { 

     System.out.println("generating keys"); 
     Map<String, Object> rsaKeys = null; 

     try { 
      rsaKeys = getRSAKeys(); 
     } catch (Exception e) { 

      e.printStackTrace(); 
     } 
     PublicKey publicKey = (PublicKey) rsaKeys.get("public"); 
     PrivateKey privateKey = (PrivateKey) rsaKeys.get("private"); 

     System.out.println("generated keys"); 

     String token = generateToken(privateKey); 
     System.out.println("Generated Token:\n" + token); 

     verifyToken(token, publicKey); 

    } 

    public static String generateToken(PrivateKey privateKey) { 
     String token = null; 
     try { 
      Map<String, Object> claims = new HashMap<String, Object>(); 

      // put your information into claim 
      claims.put("id", "xxx"); 
      claims.put("role", "user"); 
      claims.put("created", new Date()); 

      token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.RS512, privateKey).compact(); 


     } catch (Exception e) { 
      e.printStackTrace(); 
     } 
     return token; 
    } 

    // verify and get claims using public key 

    private static Claims verifyToken(String token, PublicKey publicKey) { 
     Claims claims; 
     try { 
      claims = Jwts.parser().setSigningKey(publicKey).parseClaimsJws(token).getBody(); 

      System.out.println(claims.get("id")); 
      System.out.println(claims.get("role")); 

     } catch (Exception e) { 

      claims = null; 
     } 
     return claims; 
    } 

    // Get RSA keys. Uses key size of 2048. 
    private static Map<String, Object> getRSAKeys() throws Exception { 
     KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); 
     keyPairGenerator.initialize(2048); 
     KeyPair keyPair = keyPairGenerator.generateKeyPair(); 
     PrivateKey privateKey = keyPair.getPrivate(); 
     PublicKey publicKey = keyPair.getPublic(); 
     Map<String, Object> keys = new HashMap<String, Object>(); 
     keys.put("private", privateKey); 
     keys.put("public", publicKey); 
     return keys; 
    } 
} 

 
Maven Dependency 


<dependency> 
     <groupId>io.jsonwebtoken</groupId> 
     <artifactId>jjwt</artifactId> 
     <version>0.6.0</version> 
</dependency>

来源

2018-02-22 10:07:10

相关问题

 相关问题