JWT 令牌中允许使用哪些字符? [英] what characters are allowed in a JWT token?

问题描述

我看到 JWT 令牌由 A-Z、a-Z、0-9 和特殊字符 - 和 _ 组成.我想知道 JWT 令牌中允许的字符列表?

I saw JWT token consists of A-Z,a-Z,0-9 and special characters - and _. I want to know the list of characters that are allowed in a JWT token?

推荐答案

来自JWT介绍:输出是三个用点分隔的 Base64-URL 字符串.

From the JWT introduction: "The output is three Base64-URL strings separated by dots".

Base64 有一个 不同变体的数量，具体取决于编码的使用位置.典型的 MIME base64 将使用 +/ 作为最后两个字符，但 Base64-URL (RFC 4648 §5) 旨在用于 URL 和文件名，因此请改用 -_.

Base64 has a number of different variants depending on where the encoding will be used. Typical MIME base64 will use +/ as the final two characters, but Base64-URL (RFC 4648 §5) is intended to be used in URLs and filenames, so uses -_ instead.

因此，JWT 将使用字符 a–z、A–Z、0–9 和 -_..或者，作为正则表达式:

Therefore a JWT will use the characters a–z, A–Z, 0–9, and -_.. Or, as a regular expression:

[a-zA-Z0-9-_.]+

如果您想改进正则表达式以匹配所描述的格式:

If you want to improve on the regex to match the format described:

^[a-zA-Z0-9-_]+.[a-zA-Z0-9-_]+.[a-zA-Z0-9-_]+$ 

这篇关于JWT 令牌中允许使用哪些字符?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！