如何使用 TinyGo 解码 JWT 令牌
[英]How to decode a JWT token with TinyGo
问题描述
We have a JWT token that we need to decode, the issue is that we are using TinyGo and some libraries are not supported , How can it be done for TinyGo / core Go libraries which is already supported?
我们有一个需要解码的 JWT 令牌,问题是我们正在使用TinyGo并且不支持某些库,对于已经支持的 TinyGo/核心 Go 库,如何做到这一点? I want to print the "name" value:我想打印“名称”值:
I'm not able to get the name, any idea?我无法得到名字,知道吗?
func main() {
token := `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c`
base64String := base64.StdEncoding.EncodeToString([]byte(token))
decodedData, err := base64.StdEncoding.DecodeString(base64String)
if err != nil {
panic(err)
}
name := decodedData["name"]
fmt.Println(name)
}
The decoded token is:解码后的令牌是:
PAYLOAD
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
See this example token from https://jwt.io从https://jwt.io查看此示例令牌
1 个解决方案
解决方案1
3 已采纳 2021-06-28 10:09:25
Decoding and getting the name part is easy.解码和获取name部分很容易。 But this does not ensure the token is valid, meaning the owner of the token is truly what the name says!但这并不能确保令牌有效,这意味着令牌的所有者确实如其名!
JWT tokens just contain the base64 encoded forms of a header, payload and signature parts, connected with a . JWT令牌仅包含标头、有效负载和签名部分的 base64 编码形式,并与. . . So just split the token by .所以只需将令牌拆分为. , decode the base64 string and you may use json.Unmarshal() to convert the header and playload parts to maps or structs. , 解码 base64 字符串,您可以使用json.Unmarshal()将标题和json.Unmarshal()部分转换为地图或结构。
You must verify the signature to ensure the name is valid.您必须验证签名以确保名称有效。 If you don't perform signature verification, a token may easily be forged to pose as anyone.如果您不执行签名验证,则很容易伪造令牌以冒充任何人。 Signature verification is exactly what JWT libs do (besides parsing and generating tokens).签名验证正是 JWT 库所做的(除了解析和生成令牌)。 How to do that, check the sources of JWT libs.如何做到这一点,请检查 JWT 库的来源。 I also believe there are open-source libs that process JWT tokens that also work with tiny-go.我也相信有处理 JWT 令牌的开源库也适用于 tiny-go。
Example code to decode the parts and print the name :解码部件并打印name示例代码:
token := `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c`
for i, part := range strings.Split(token, ".") {
fmt.Printf("[%d] part: %s\n", i, part)
decoded, err := base64.RawURLEncoding.DecodeString(part)
if err != nil {
panic(err)
}
fmt.Println("decoded:", string(decoded))
if i != 1 {
continue // i == 1 is the payload
}
var m map[string]interface{}
if err := json.Unmarshal(decoded, &m); err != nil {
fmt.Println("json decoding failed:", err)
continue
}
if name, ok := m["name"]; ok {
fmt.Println("name:", name)
}
}
Which outputs (try it on the Go Playground ):哪些输出(在Go Playground上试试):
[0] part: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
decoded: {"alg":"HS256","typ":"JWT"}
[1] part: eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ
decoded: {"sub":"1234567890","name":"John Doe","iat":1516239022}
name: John Doe
[2] part: SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
decoded: I�J�IHNJ(]�O���lj~�:N�%_�u,×
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.