如何使用Node.js创建与LetsEncrypt兼容的JWT?
[英]How to create a LetsEncrypt compatible JWT with Node.js?
问题描述
I am trying to POST a JSON Web Token to the Lets Encrypt new registration endpoint using Node.js. 
我正在尝试使用Node.js将JSON Web令牌发布到Lets Encrypt 新的注册端点 。 How do I create this token? 如何创建此令牌? This is some code I've been experimenting with to try to generate a token that Let's Encrypt's webserver will accept: 这是我正在尝试的一些代码,试图生成一个令牌,Let's Encrypt的网络服务器将接受该令牌:
var jwt = require('jsonwebtoken');
var jws = require('jws');
var crypto = require('crypto');
var pem = require('pem');
var jose = require('node-jose');
var keystore = jose.JWK.createKeyStore();
var key;
var props = {
//kid: 'gBdaS-adsfasdfasdfsa',
alg: 'HS256',
//use: 'enc',
n: "pK7LuT2hxkWnYRl1Tcw9iAy9-_TqvHp2wh6EcHq_wglsNmtpxAe9gNGZevWu6T2O1aEmPYkgy7Q1meKNifenFuWicDcSSenkMM0JApfdveiVqjBA81EL0Y76T8i2JolggGXbiSa_ZRGwG-0FPDSIX3Jy5mQgOn-t-zrhD9yLDn2N7zzFqCBOtxzrwz1HEtN8QWZAFAzOceyyL6C791lGOk9SYYekxyuZkwkzhDEsoqR7fN6hmu6IfIU8hF5kt8M_Gef30wt5dUESvcTNdmQmq_L1QYA8qYO6-T0mC0zIpHpwQnANYOSZBCz1uE-vwS17MlfnUwGkPHJXWThlMZqZmQ",
e: "AQAB"
};
keystore.generate("oct", 256, props).
then(function(result) {
console.log(result);
var obj = {
header: {
alg: "HS256",
jwk: result,
nonce: "kajdfksajdf39393"
},
payload: {
"resource": "new-reg",
"contact": [
"mailto:cert-admin@example.com",
"tel:+12025551212"
]
},
secret: 'has a van',
};
const signature = jws.sign(obj);
console.log(signature);
});
}
This actually does generate a valid JWT: 实际上,这确实会生成有效的JWT:
.eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzpjZXJ0LWFkbWluQGV4YW1wbGUuY29tIiwidGVsOisxMjAyNTU1MTIxMiJdfQ.RiHTdM_k1eLUJaGx4b59w8-hEQ-J0SpZjPIeGWhh1yg
However, when I try to POST it to the new registration endpoint, I get the following error: 但是,当我尝试将其发布到新的注册端点时,出现以下错误:
{ "type": "urn:acme:error:malformed", "detail": "Parse error reading JWS", "status": 400 }
The testing code is a collection of code snippets I've put together after Googling this for a few hours. 测试代码是我在Google搜索了几个小时后整理而成的代码片段的集合。 I understand there are LetsEncrypt servers I can run, but don't want to do that . 我了解有可以运行的LetsEncrypt服务器,但不想这样做 。 I want to actually generate the requests and callbacks directly in Node.js because I want to run all this from AWS Lambda functions (no servers involved here). 我实际上想直接在Node.js中生成请求和回调,因为我想从AWS Lambda函数(此处不涉及服务器)运行所有这些请求和回调。
I did find one example of a JWT token that actually seems to work , sort of. 我确实找到了一个JWT令牌的示例,该示例似乎确实有效 。 I say "sort of" because the response from this example is: 我说“ sort of”是因为该示例的响应是:
{ "type": "urn:acme:error:badNonce", "detail": "JWS has invalid anti-replay nonce 5H63XwyOHKpAETFpHR8stXSkhkqhlAY1xV7VsCnOrs", "status": 400}
This at least tells me the JWT token is being parsed and the Nonce is being looked at. 这至少告诉我正在解析JWT令牌并正在查看Nonce。 When I decode this JWT, I see this: 当我解码此JWT时,会看到以下内容:
It looks like this guy used RSA 256 to create this JWT. 看起来这个家伙使用RSA 256创建了这个JWT。 I'm not sure where the values "e" and "n" came from? 我不确定值“ e”和“ n”来自何处?
How do I recreate the above working sample with Node.JS / Jose? 如何使用Node.JS / Jose重新创建上述工作示例?
1 个解决方案
解决方案1
0 已采纳 2016-11-20 20:09:48
I think the answer here is to just use the letsencrypt node.js NPM package. 我认为这里的答案是仅使用letencrypt node.js NPM软件包。 No need to develop ACME protocol from scratch, as this library seems to do it. 无需从头开始开发ACME协议,因为该库似乎可以做到。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.