我正在使用图书馆 jwks-rsa
. 我想从identityserver4中提取公钥。
DecodedJWT jwt = JWT.decode(token);
try {
URL url = new URL("https://localhost:31300/.well-known/openid-configuration/jwks");
JwkProvider provider = new UrlJwkProvider(url);
Jwk jwk = null;
String kid = jwt.getKeyId();
jwk = provider.get(kid);
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) jwk.getPublicKey(), null);
algorithm.verify(jwt);
} catch (JwkException | MalformedURLException e) {
e.printStackTrace();
}
我犯了个错误 jwk=provider.get(kid)
. 例外是 com.auth0.jwk.SigningKeyNotFoundException: Cannot obtain jwks from url https://localhost:31300/.well-known/openid-configuration/jwks
不过,我可以通过 Postman 查到
{
"keys": [
{
"kty": "RSA",
"use": "sig",
"kid": "0538f4763b647a8a01305774b9f4d5f1",
"e": "AQAB",
"n": "6h5hL5UfOW8SGFRNeVuU9M92p6cOWF-941vGqZ8y-PL6jC-B_2S7kp_Cw7SvOajd6CqBpQyiuP21pjhQILU4ikqq7-WbnxNZcvOQcYPLpUzupn5MBQkHk_bYONPInu-jU55FZhuYdO3sz0qS58AEqlnQbKZYLvU_KS_Ou4mSnTJr_hfwrk75cnsAMzhkVcsMt9GaSJZbj4zccIEUVQpiYLTY3gK_Nbym5ZKYfsayOHDSwLLsZchJ5VJnc1mAiZwGtszyjdCJSipQF_wdFcacmfGDwyXY4mnER32aT5Fo20lihnEJ5T1IXkwFMgWJVesiaHJQNqxAMEg86SWSN3_A0Q",
"alg": "RS256"
}
]
}
1条答案
按热度按时间qojgxg4l1#
url应该是identityserver的url,如下所示https://localhost:31300. 不是jwks文档本身的完整路径。