• <tfoot id='Romnt'></tfoot>
    <legend id='Romnt'><style id='Romnt'><dir id='Romnt'><q id='Romnt'></q></dir></style></legend>

    3. <i id='Romnt'><tr id='Romnt'><dt id='Romnt'><q id='Romnt'><span id='Romnt'><b id='Romnt'><form id='Romnt'><ins id='Romnt'></ins><ul id='Romnt'></ul><sub id='Romnt'></sub></form><legend id='Romnt'></legend><bdo id='Romnt'><pre id='Romnt'><center id='Romnt'></center></pre></bdo></b><th id='Romnt'></th></span></q></dt></tr></i><div id='Romnt'><tfoot id='Romnt'></tfoot><dl id='Romnt'><fieldset id='Romnt'></fieldset></dl></div>

      6. <small id='Romnt'></small><noframes id='Romnt'>

          <bdo id='Romnt'></bdo><ul id='Romnt'></ul>
        

        

        




        


        


        

        

        PHP 中的 JWT(JSON Web 令牌),不使用 3rd-party 库.怎么签?
        
时间:2023-12-01

        
    

              • <bdo id='GXP85'></bdo><ul id='GXP85'></ul>
                <small id='GXP85'></small><noframes id='GXP85'>
                <i id='GXP85'><tr id='GXP85'><dt id='GXP85'><q id='GXP85'><span id='GXP85'><b id='GXP85'><form id='GXP85'><ins id='GXP85'></ins><ul id='GXP85'></ul><sub id='GXP85'></sub></form><legend id='GXP85'></legend><bdo id='GXP85'><pre id='GXP85'><center id='GXP85'></center></pre></bdo></b><th id='GXP85'></th></span></q></dt></tr></i><div id='GXP85'><tfoot id='GXP85'></tfoot><dl id='GXP85'><fieldset id='GXP85'></fieldset></dl></div>
              • <legend id='GXP85'><style id='GXP85'><dir id='GXP85'><q id='GXP85'></q></dir></style></legend>
                    <tbody id='GXP85'></tbody>
                  <tfoot id='GXP85'></tfoot>
                  
                            本文介绍了PHP 中的 JWT(JSON Web 令牌),不使用 3rd-party 库.怎么签?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!
                        
                  
                        
                  问题描述
                  
                        
                  
                            
                        
                  
                        
                  有一些库可以在 PHP 中实现 JSON Web Tokens (JWT),例如 php-jwt.我正在编写自己的非常小而简单的课程,但无法弄清楚为什么我的签名无法通过验证here,即使我已经试图坚持标准.我已经尝试了几个小时,但我被卡住了.请帮忙!
                  

                  There are a few libraries for implementing JSON Web Tokens (JWT) in PHP, such as php-jwt.  I am writing my own, very small and simple class but cannot figure out why my signature fails validation here even though I've tried to stick to the standard.  I've been trying for hours and I'm stuck. Please help!
                  

                  我的代码很简单
                  

                  //build the headers
$headers = ['alg'=>'HS256','typ'=>'JWT'];
$headers_encoded = base64url_encode(json_encode($headers));

//build the payload
$payload = ['sub'=>'1234567890','name'=>'John Doe', 'admin'=>true];
$payload_encoded = base64url_encode(json_encode($payload));

//build the signature
$key = 'secret';
$signature = hash_hmac('SHA256',"$headers_encoded.$payload_encoded",$key);

//build and return the token
$token = "$headers_encoded.$payload_encoded.$signature";
echo $token;

                  

                  base64url_encode 函数:
                  

                  function base64url_encode($data) {
    return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}

                  

                  我的标头和有效负载完全匹配 验证站点的 默认 JWT,但我的签名不匹配,所以我的令牌是标记为无效.这个标准看起来很简单,所以我的签名有什么问题?
                  

                  My headers and payload perfectly match the validation site's default JWT, but my signature doesn't match so my token is flagged as invalid.  This standard seems really straightforward so what's wrong with my signature?
                  

                  推荐答案
                  

                  我解决了!我没有意识到签名本身需要进行 base64 编码.此外,我需要将 hash_hmac 函数的最后一个可选参数设置为 $raw_output=true(参见 文档.简而言之,我需要更改原始代码:
                  

                  I solved it!  I did not realize that the signature itself needs to be base64 encoded. In addition, I needed to set the last optional parameter of the hash_hmac function to $raw_output=true (see the docs.  In short I needed to change my code from the original:
                  

                  //build the signature
$key = 'secret';
$signature = hash_hmac('sha256',"$headers_encoded.$payload_encoded",$key);

//build and return the token
$token = "$headers_encoded.$payload_encoded.$signature";

                  

                  致更正:
                  

                  //build the signature
$key = 'secret';
$signature = hash_hmac('sha256',"$headers_encoded.$payload_encoded",$key,true);
$signature_encoded = base64url_encode($signature);

//build and return the token
$token = "$headers_encoded.$payload_encoded.$signature_encoded";
echo $token;

                  

                        
                  这篇关于PHP 中的 JWT(JSON Web 令牌),不使用 3rd-party 库.怎么签?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!
                  

                  

                  
上一篇:PHP DOMDocument 的类 jQuery 选择器 
下一篇:如何验证来自“Sign In with Apple"的代码? 

                  

                   

                  相关文章
                  



                  

                  

                  Copyright © 2022-2023 深圳市沃梦达电子商务有限公司 All Rights Reserved. 
                  


                  

                  


                    2. <i id='kvaTV'><tr id='kvaTV'><dt id='kvaTV'><q id='kvaTV'><span id='kvaTV'><b id='kvaTV'><form id='kvaTV'><ins id='kvaTV'></ins><ul id='kvaTV'></ul><sub id='kvaTV'></sub></form><legend id='kvaTV'></legend><bdo id='kvaTV'><pre id='kvaTV'><center id='kvaTV'></center></pre></bdo></b><th id='kvaTV'></th></span></q></dt></tr></i><div id='kvaTV'><tfoot id='kvaTV'></tfoot><dl id='kvaTV'><fieldset id='kvaTV'></fieldset></dl></div>
                    <small id='kvaTV'></small><noframes id='kvaTV'>
                      <legend id='kvaTV'><style id='kvaTV'><dir id='kvaTV'><q id='kvaTV'></q></dir></style></legend>
                      1. <bdo id='kvaTV'></bdo><ul id='kvaTV'></ul>
                      <tfoot id='kvaTV'></tfoot>