zoukankan      html  css  js  c++  java
  • [JWT] JWT Signature With RS256

    The advantage of RS256 over HS256 is RS256 no longer need to share the secret key between client and server side.

    To create a token, we need to private key, which should be kept safe. We can use third-party server such as Auth0 to generate private-public key paris. 

    The public key is used only to validate JWT token on the server, and cannot use public key to create a JWT token, so even the server is hacked, hacker still cannot use the information create a token to access the data.

    Create a token:

    var jwt = require('jsonwebtoken');
    var fs = require('fs');
    
    
    var privateKey = fs.readFileSync('./demos/private.key');
    
    var payload = {
      name: 'Alice'
    };
    
    
    var token = jwt.sign(payload, privateKey, {
        algorithm: 'RS256',
        expiresIn: 120,
        subject: "1"
    });
    
    
    console.log('RSA 256 JWT', token);

    Validate a token:

    var jwt = require('jsonwebtoken');
    var fs = require('fs');
    
    
    // verify an existing JWT
    var existingToken = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiQWxpY2UiLCJpYXQiOjE1MDI5MDMxNTcsImV4cCI6MTUwMjkwMzI3Nywic3ViIjoiMSJ9.KQJ-f3r4TNCLVrox1JaL5pxQAM6vSw4CNKj1lCf3HDWXGdIHW5rgD5odKpNBjrkbl1smjEL_ClLnFwG_iGDPKvu2bqktcrbXwi1-XUrY-jDKLkpoEHL2C9tGYnyDRl6Pg1SP97Hl-VWkGNyekYMerL8vh0RwgcK7y8UsuA33WgnP1DtfhKIghwcd493ARN4nBvmMJ11Zk35c7FBIN2w4Xl4ny8RU4l0_xy5DBF3JAKV1jilTHOKEvsrY8Ry3qRKaxxR6-QE_pfGOte3BRlt6544BUul1yI662tVAn1R28KXKnwCGAwo_HZ1kC-OrxmsjoXI4HDuHG2k5eRX-QC_W4Q';
    
    
    var publicKey = fs.readFileSync('./demos/public.key');
    
    
    console.log("verifying");
    
    const verify = jwt.verify(existingToken, publicKey);
    
    
    
    console.log("Decoded JWT:", verify);
  • 相关阅读:
    Spring Bean的生命周期
    Java中的Object类
    Java线程池七个参数
    ROS 第五讲 在模拟器中构建第一个机器人
    ROS 第四讲 让小车在RViz与Gazebo模拟器中跑起来
    ROS 第三讲 操控小乌龟
    ROS 第二讲 基本操作
    ROS 第一讲 引入
    自然语言处理(二) 新词发现或非监督词典构建
    递归找到一个复杂对象中的某个值和它的最小层级
  • 原文地址:https://www.cnblogs.com/Answer1215/p/7576202.html
Copyright © 2011-2022 走看看