如何始终通过无效的密钥类型错误生成JWT令牌 [英] How to generate JWT token always through invalid key type error

问题描述

我遇到了这个问题，但真的不知道如何解决，有人可以帮助您提供有效的解决方案吗?

I met this issue and really do not know how to resolve it, can anyone help to provide a working solution?

func GenerateJWT(name, role string) (string, error)  {
    //create a singner for rsa 256
    claims := &jwt.StandardClaims{
        ExpiresAt: 15000,
        Issuer:    "test",
    }

    token :=jwt.NewWithClaims(jwt.SigningMethodES256, claims)
    log.Println("generated toke is ")
    log.Println(token)
    tokenString, err := token.SignedString([]byte("secret"))
....
}

现在我一直都拥有:

密钥的类型无效

key is of invalid type

错误.我在Google上搜索了很多，甚至对于jwt-go库本身，他们都提供了完全相同的解决方案，但是为什么我一直拥有

error. I google a lot, and even for jwt-go library it self, they are providing exactly same solution, but why I kept having the

密钥的类型无效

key is of invalid type

错误?

任何人都可以帮助提供有关如何在go中生成jwt令牌的工作示例吗?

Can anyone help to provide a working sample about how to generate jwt token in go?

推荐答案

来自自述文件:

ECDSA签名方法(ES256，ES384，ES512)期望* ecdsa.PrivateKey进行签名，而* ecdsa.PublicKey进行验证

The ECDSA signing method (ES256,ES384,ES512) expect *ecdsa.PrivateKey for signing and *ecdsa.PublicKey for validation

因此，使用椭圆曲线键:

So use an elliptic curve key:

package main

import (
        "crypto/ecdsa"
        "crypto/elliptic"
        "crypto/rand"
        "log"

        jwt "github.com/dgrijalva/jwt-go"
)

func main() {
        key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
        if err != nil {
                log.Fatal(err)
        }

        claims := &jwt.StandardClaims{
                ExpiresAt: 15000,
                Issuer:    "test",
        }

        token := jwt.NewWithClaims(jwt.SigningMethodES256, claims)

        tokenString, err := token.SignedString(key)
        if err != nil {
                log.Fatal(err)
        }

        log.Println(tokenString)
}

要存储生成的密钥以供以后与jwt.ParseECPrivateKeyFromPEM和jwt.ParseECPublicKeyFromPEM一起使用:

To store the generated key for later use with jwt.ParseECPrivateKeyFromPEM and jwt.ParseECPublicKeyFromPEM:

import (
        "crypto/ecdsa"
        "crypto/x509"
        "encoding/pem"
)

func pemKeyPair(key *ecdsa.PrivateKey) (privKeyPEM []byte, pubKeyPEM []byte, err error) {
        der, err := x509.MarshalECPrivateKey(key)
        if err != nil {
                return nil, nil, err
        }

        privKeyPEM = pem.EncodeToMemory(&pem.Block{
                Type:  "EC PRIVATE KEY",
                Bytes: der,
        })

        der, err = x509.MarshalPKIXPublicKey(key.Public())
        if err != nil {
                return nil, nil, err
        }

        pubKeyPEM = pem.EncodeToMemory(&pem.Block{
                Type:  "EC PUBLIC KEY",
                Bytes: der,
        })

        return
}

这篇关于如何始终通过无效的密钥类型错误生成JWT令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！