Key is of Invalid Type when parsing JWT Auth token in jwt-go

I am setting up security middleware in a GoLang API and seem to have everything set up correctly, but I am getting an error 'key is of invalid type'.

I have confirmed that my Signing algorithm is RS256 and the middleware options are configured @ SigningMethod: jwt.SigningMethodRS256

I have a valid token…everything else in the middleware passes.

The entry point to this error in the middleware is the jwt.ParseRSAPrivateKeyFromPEM method.

I've isolated the error down inside the package github.com/dgrijalva/jwt-go/rsa.go: in Verify(), line 62 is the ErrInvalidKeyType that is getting thrown. All the params up to this point seem solid and appropriate (e.g. m|signingString|signature|key) but this key.(*rsa.PublicKey) is failing…in my debugger (GoLand) I inspect *rsa and am given the response 'could not find symbol value for rsa'…

if rsaKey, ok = key.(*rsa.PublicKey); !ok {
    return ErrInvalidKeyType
}

Please note…if it's not already too obvious…I'm a noob to GoLang

----- UPDATE -----

So at the most granular level the panic starts at go/1.12.8/libexec/src/crypto/rsa/rsa.go:49 with:

func (pub *PublicKey) Size() int {
    log.Printf("SIZE ::: %v :: %v",pub.N.BitLen(), pub.N)
    return (pub.N.BitLen() + 7) / 8
}

The pub is seen as a nil pointer dereference. I trace it back to mux -->

crypto/rsa.VerifyPKCS1v15(...) /usr/local/Cellar/go/1.12.8/libexec/src/crypto/rsa/pkcs1v15.go:275

github.com/dgrijalva/jwt-go.(*SigningMethodRSA).Verify(...) /Users/me/Sandbox/src/github.com/dgrijalva/jwt-go/rsa.go:73

github.com/dgrijalva/jwt-go.(*Parser).ParseWithClaims(...) /Users/me/Sandbox/src/github.com/dgrijalva/jwt-go/parser.go:77

github.com/dgrijalva/jwt-go.(*Parser).Parse(...) /Users/btschirhart/Sandbox/src/github.com/dgrijalva/jwt-go/parser.go:20

github.com/dgrijalva/jwt-go.Parse(...) /Users/me/Sandbox/src/github.com/dgrijalva/jwt-go/token.go:89

github.com/auth0/go-jwt-middleware.(*JWTMiddleware).CheckJWT(...) /Users/me/Sandbox/src/github.com/auth0/go-jwt-middleware/jwtmiddleware.go:203

github.com/auth0/go-jwt-middleware.(*JWTMiddleware).Handler.func1(...) /Users/me/Sandbox/src/github.com/auth0/go-jwt-middleware/jwtmiddleware.go:110

net/http.HandlerFunc.ServeHTTP(...) /usr/local/Cellar/go/1.12.8/libexec/src/net/http/server.go:1995

github.com/gorilla/mux.(*Router).ServeHTTP(...) /Users/me/Sandbox/src/github.com/gorilla/mux/mux.go:210 +0xe3

Found the answer. It's not a real answer, but it did fix the problem.

Instead of '-----BEGIN' and 'END-----' I had used '----BEGIN' and 'END----' to build the cert within my middleware.

In go/1.12.8/libexec/src/encoding/pem/pem.go:82 there is a check against '-----BEGIN' and if it fails it simply returns nil.

if bytes.HasPrefix(data, pemStart[1:]) {
    rest = rest[len(pemStart)-1 : len(data)]
} else if i := bytes.Index(data, pemStart); i >= 0 {
    rest = rest[i+len(pemStart) : len(data)]
} else {
    return nil, data
}
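
The failure mode from the answer above, as an added example that is not part of the original post or of jwt-go: a key loader that turns the silent nil from pem.Decode into an error at startup, so a nil key never reaches RS256 verification. It uses only the Go standard library; loadRSAPublicKey and samplePEM are hypothetical helpers, the key is constructed in the example, and a PKIX "PUBLIC KEY" block is assumed.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"strings"
)

// loadRSAPublicKey (hypothetical helper) fails closed: every way the PEM can
// be unusable becomes an error, so a nil key never reaches token verification.
func loadRSAPublicKey(pemBytes []byte) (*rsa.PublicKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		// pem.Decode signals a malformed armor line only by returning nil.
		return nil, errors.New("no PEM block found: check the BEGIN/END lines")
	}
	if block.Type != "PUBLIC KEY" {
		return nil, fmt.Errorf("unexpected PEM type %q", block.Type)
	}
	parsed, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	key, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return nil, fmt.Errorf("PEM holds %T, want *rsa.PublicKey", parsed)
	}
	return key, nil
}

// samplePEM returns a constructed PKIX public key whose armor lines use the
// given number of dashes (5 is valid, 4 reproduces the typo from the answer).
func samplePEM(dashes int) []byte {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	der, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	good := string(pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der}))
	return []byte(strings.ReplaceAll(good, "-----", strings.Repeat("-", dashes)))
}

func main() {
	_, err := loadRSAPublicKey(samplePEM(4))
	fmt.Println("four dashes:", err)
	key, err := loadRSAPublicKey(samplePEM(5))
	fmt.Println("five dashes:", key != nil, err)
}
```

Calling a loader like this once when the middleware is constructed, and refusing to start on error, surfaces the malformed armor line before any request is served.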
