[英]Can't verify JWT
我正在尝试为苹果搜索广告创建一个 JWT 令牌,如下例所示: https ://developer.apple.com/documentation/apple_search_ads/implementing_oauth_for_the_apple_search_ads_api
我像这样生成了我的私钥:
openssl ecparam -genkey -name prime256v1 -noout -out private-key.pem
和这样的公钥:
openssl ec -in private-key.pem -pubout -out public-key.pem
然后我确实喜欢这样:
import jwt
import datetime as dt
client_id = "SEARCHADS.XXXXXXXXXXXXXXXXXXXXXXX"
team_id = "SEARCHADS.XXXXXXXXXXXXXXXXXXXXXXX"
key_id = "XXXXXXXXXXXXXXXXXXXXXXX"
audience = "https://appleid.apple.com"
alg = "ES256"
# Define issue timestamp.
issued_at_timestamp = int(dt.datetime.utcnow().timestamp())
# Define expiration timestamp. May not exceed 180 days from issue timestamp.
expiration_timestamp = issued_at_timestamp + 86400 * 180
# Define JWT headers.
headers = dict()
headers["alg"] = alg
headers["kid"] = key_id
# Define JWT payload.
payload = dict()
payload["sub"] = client_id
payload["aud"] = audience
payload["iat"] = issued_at_timestamp
payload["exp"] = expiration_timestamp
payload["iss"] = team_id
# Path to signed private key.
KEY_FILE = "private-key.pem"
with open(KEY_FILE, "r") as key_file:
key = "".join(key_file.readlines())
client_secret = jwt.encode(payload=payload, headers=headers, algorithm=alg, key=key)
with open("client_secret.txt", "w") as output:
output.write(client_secret.decode("utf-8"))
SearchAds_PrivateKey.pem 是这样的:
-----BEGIN EC PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END EC PRIVATE KEY-----
生成的令牌在 jwt.io 上的签名无效。
我发现了这个主题: KJUR jws jsrsasign:无法在 JWT.io 上验证 ES256 令牌,我尝试了解决方案,但它对我不起作用
您采取的步骤是正确的。 要在jwt.io中测试 jwt,如下图所示,您应该分别使用您的 JWT 和您的公钥填写Encoded
和VERIFY SIGNATURE
部分。 然后你会看到签名将被验证!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.