如何用R语言生成JWS
[英]How to generate JWS in R language
问题描述
I try to generate JWT for google-oauth2.0 ServiceAccount. 
我尝试为google-oauth2.0 ServiceAccount生成JWT。
I set up header and payload (claim). 我设置了标题和有效负载(声明)。 But when I try to sigh base64header.base64claim with RSASHA256 I get incorrect signature. 但是当我尝试用RSASHA256叹气base64header.base64claim时,我的签名不正确。 I found only one function in PKI package that alows to sign contet with RSA with specified hash function. 我发现PKI包中只有一个函数可以使用指定的哈希函数与RSA签名。
How did I figure that my signature incorrect? 我怎么知道我的签名不正确? I found resource that can generate JWT from inputs and private KEY. 我找到了可以从输入和私有KEY生成JWT的资源 。
So all I can see, that my signture from R functions differs from jwt.io signature. 所以我只能看到,R函数的结果与jwt.io签名不同。 I've tested requests for https://www.googleapis.com/oauth2/v3/token with both of JWT tokens, and jwt.io one was working. 我用两个JWT令牌测试了对https://www.googleapis.com/oauth2/v3/token的请求,并且jwt.io正在运行。
This part is for JWT header. 这部分是针对JWT标题的。
library(base64enc)
library(jsonlite)
library(PKI)
#JWT header set up
alg <- "RS256"
typ <- "JWT"
header <- list("alg" = alg, "typ" = typ)
h <- toJSON(header, auto_unbox=TRUE)
enc.header <- base64encode(charToRaw(h))
This part is for JWT claim (payload) 这部分是针对JWT索赔(有效载荷)
iss <- "165724828594-mkuchqogmjapbl7mpfn0e7f7o3qlrqsr@developer.gserviceaccount.com"
scope <- "https://www.googleapis.com/auth/analytics.readonly"
aud <- "https://www.googleapis.com/oauth2/v3/token"
iat <- as.integer(as.POSIXct(Sys.time()))
exp <- iat+3600
claim <- list("iss" = iss, "scope" = scope, "aud" = aud, "exp" = exp, "iat" = iat)
cl <- toJSON(claim, auto_unbox=TRUE)
enc.claim <- base64encode(charToRaw(cl))
And this is my problem. 这是我的问题。
y <- file("~/keys/euroset-test-70c2d0d4eed1.pem")
key <- PKI.load.key(y)
what <- paste(enc.header,enc.claim, sep=".")
JWS <- PKI.sign(what, key, "SHA256")
enc.sign <- base64encode(JWS)
JWT <- paste(what,enc.sign, sep=".")
JWT
Any help, please? 有什么帮助吗? I've stucked with JWS for 4 days already.( 我已经坚持了JWS 4天了。(
2 个解决方案
解决方案1
0 已采纳 2015-08-18 10:05:04
Finally I've found a problem place. 最后我发现了一个问题所在。 It's always been about base64encoding. 它一直是关于base64encoding。 I've checked Correct and Inctorrect JWTs and found some pattern. 我检查了正确和不正确的JWT并找到了一些模式。 Incorrect one have had "==" in payload and signature, I've replaced it with "" . 不正确的一个在有效载荷和签名中有"==" ,我已用""替换它。 Also in signature all "/" I've replaced with "_" , and all "+" with "-" . 同样在签名中所有"/"我用"_"替换,所有"+"用"-"替换。 Hope it will give a hint to peopple with the same issue. 希望它会给出同样问题的暗示。
解决方案2
0 2015-08-25 18:43:42
https://github.com/hadley/httr/blob/master/R/oauth-server-side.R https://github.com/hadley/httr/blob/master/R/oauth-server-side.R
This is the code for getting the token which works for some of the Google APIs (but not for the cloud which is what I need.. let me know if you got it working). 这是获取适用于某些Google API的令牌的代码(但不适用于我需要的云...如果你让它工作,请告诉我)。 Also, the httr oauth_service_token is a lot easier to use than coding your own. 此外,httr oauth_service_token比编写自己的更容易使用。
init_oauth_service_account <- function(endpoint, secrets, scope = NULL) {
signature <- jwt_signature(secrets, scope = scope)
res <- POST(endpoint$access, body = list(
grant_type = "urn:ietf:params:oauth:grant-type:jwt-bearer",
assertion = signature
), encode = "form")
stop_for_status(res)
content(res, type = "application/json")
}
...
jwt_base64 <- function(x) base64url(jwt_json(x))
jwt_json <- function(x) jsonlite::toJSON(x, auto_unbox = TRUE)
base64url <- function(x) {
if (is.character(x)) {
x <- charToRaw(x)
}
out <- chartr('+/', '-_', base64enc::base64encode(x))
gsub("=+$", "", out)
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.