JWT Field＆＃x27; kid＆＃x27;出现在标题中，要求在有效载荷中

发布于 2025-02-13 02:27:00 字数 837 浏览 0 评论 0原文

我正在产生JWT令牌。但是对JWT令牌的要求是，一个称为密钥ID的字段应出现在JWT的有效载荷中，但它出现在标题中。我该如何实现？

我的代码：

    Algorithm algorithm = Algorithm.HMAC256(Objects.requireNonNull(environment.getProperty("signing_secret")).getBytes());

    Map<String, Object> headers = new HashMap<>();
    headers.put("dd-ver", environment.getProperty("version"));
    headers.put("auth-version", environment.getProperty("auth-version"));

    String token = JWT.create()
        .withHeader(headers)
        .withAudience(environment.getProperty("audience"))
        .withIssuer(environment.getProperty("developer_id"))
        .withKeyId(environment.getProperty("key_id"))
        .withIssuedAt(new Date(System.currentTimeMillis()))
        .withExpiresAt(new Date(System.currentTimeMillis() + THIRTY_MINUTES))
        .sign(algorithm);

原文

I am generating a JWT token.
But the requirement for the JWT token is, that a field called key id 'kid' should appear in the payload of the JWT, but it is appearing in the header. How can I achieve that?

my code:

    Algorithm algorithm = Algorithm.HMAC256(Objects.requireNonNull(environment.getProperty("signing_secret")).getBytes());

    Map<String, Object> headers = new HashMap<>();
    headers.put("dd-ver", environment.getProperty("version"));
    headers.put("auth-version", environment.getProperty("auth-version"));

    String token = JWT.create()
        .withHeader(headers)
        .withAudience(environment.getProperty("audience"))
        .withIssuer(environment.getProperty("developer_id"))
        .withKeyId(environment.getProperty("key_id"))
        .withIssuedAt(new Date(System.currentTimeMillis()))
        .withExpiresAt(new Date(System.currentTimeMillis() + THIRTY_MINUTES))
        .sign(algorithm);

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

千秋岁 2025-02-20 02:27:00

使用Claim可以将自定义属性添加到JWT主体。您可以像这样编写代码。

String token = JWT.create()
            .withHeader(headers)
            .withAudience(environment.getProperty("audience"))
            .withIssuer(environment.getProperty("developer_id"))
            .withClaim("kid",environment.getProperty("key_id"))
            .withIssuedAt(new Date(System.currentTimeMillis()))
            .withExpiresAt(new Date(System.currentTimeMillis() + THIRTY_MINUTES))
            .sign(algorithm);

我们可以从com.auth0.jwt.jwtcreator中找到一些插图：

        /**
         * Add a custom Claim value.
         *
         * @param name  the Claim's name.
         * @param value the Claim's value.
         * @return this same Builder instance.
         * @throws IllegalArgumentException if the name is null.
         */
        public Builder withClaim(String name, String value) throws IllegalArgumentException {
            assertNonNull(name);
            addClaim(name, value);
            return this;
        }

        private void addClaim(String name, Object value) {
            if (value == null) {
                payloadClaims.remove(name);
                return;
            }
            // add custom property to the payload
            payloadClaims.put(name, value);
        }

withClaim can add a custom property to JWT body. You can write your code like this.

String token = JWT.create()
            .withHeader(headers)
            .withAudience(environment.getProperty("audience"))
            .withIssuer(environment.getProperty("developer_id"))
            .withClaim("kid",environment.getProperty("key_id"))
            .withIssuedAt(new Date(System.currentTimeMillis()))
            .withExpiresAt(new Date(System.currentTimeMillis() + THIRTY_MINUTES))
            .sign(algorithm);

We can find some illustrations from com.auth0.jwt.JWTCreator:

        /**
         * Add a custom Claim value.
         *
         * @param name  the Claim's name.
         * @param value the Claim's value.
         * @return this same Builder instance.
         * @throws IllegalArgumentException if the name is null.
         */
        public Builder withClaim(String name, String value) throws IllegalArgumentException {
            assertNonNull(name);
            addClaim(name, value);
            return this;
        }

        private void addClaim(String name, Object value) {
            if (value == null) {
                payloadClaims.remove(name);
                return;
            }
            // add custom property to the payload
            payloadClaims.put(name, value);
        }

回复收藏 0 原文

~没有更多了~