JWT 令牌中允许使用哪些字符? [英] what characters are allowed in a JWT token?
问题描述
我看到 JWT 令牌由 A-Z、a-Z、0-9 和特殊字符 -
和 _
组成.我想知道 JWT 令牌中允许的字符列表?
I saw JWT token consists of A-Z,a-Z,0-9 and special characters -
and _
. I want to know the list of characters that are allowed in a JWT token?
推荐答案
来自JWT介绍:输出是三个用点分隔的 Base64-URL 字符串.
From the JWT introduction: "The output is three Base64-URL strings separated by dots".
Base64 有一个 不同变体的数量,具体取决于编码的使用位置.典型的 MIME base64 将使用 +/
作为最后两个字符,但 Base64-URL (RFC 4648 §5) 旨在用于 URL 和文件名,因此请改用 -_
.
Base64 has a number of different variants depending on where the encoding will be used. Typical MIME base64 will use +/
as the final two characters, but Base64-URL (RFC 4648 §5) is intended to be used in URLs and filenames, so uses -_
instead.
因此,JWT 将使用字符 a–z、A–Z、0–9 和 -_.
.或者,作为正则表达式:
Therefore a JWT will use the characters a–z, A–Z, 0–9, and -_.
. Or, as a regular expression:
[a-zA-Z0-9-_.]+
如果您想改进正则表达式以匹配所描述的格式:
If you want to improve on the regex to match the format described:
^[a-zA-Z0-9-_]+.[a-zA-Z0-9-_]+.[a-zA-Z0-9-_]+$
这篇关于JWT 令牌中允许使用哪些字符?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!