ruby-jwt编码,用RS256算法解码

问题描述 投票:1回答:1

在RSA256算法中编码和解码令牌时,似乎我们总是初始化并使用相同的私钥:

payload = {:data => 'test'}
rsa_private = OpenSSL::PKey::RSA.generate 2048
rsa_public = rsa_private.public_key

token = JWT.encode payload, rsa_private, 'RS256'
# eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ0ZXN0IjoiZGF0YSJ9.c2FynXNyi6_PeKxrDGxfS3OLwQ8lTDbWBWdq7oMviCy2ZfFpzvW2E_odCWJrbLof-eplHCsKzW7MGAntHMALXgclm_Cs9i2Exi6BZHzpr9suYkrhIjwqV1tCgMBCQpdeMwIq6SyKVjgH3L51ivIt0-GDDPDH1Rcut3jRQzp3Q35bg3tcI2iVg7t3Msvl9QrxXAdYNFiS5KXH22aJZ8X_O2HgqVYBXfSB1ygTYUmKTIIyLbntPQ7R22rFko1knGWOgQCoYXwbtpuKRZVFrxX958L2gUWgb4jEQNf3fhOtkBm1mJpj-7BGst00o8g_3P2zHy-3aKgpPo1XlKQGjRrrxA
puts token

decoded_token = JWT.decode token, rsa_public, true, { :algorithm => 'RS256' }

# Array
# [
#   {"data"=>"test"}, # payload
#   {"alg"=>"RS256"} # header
# ]
puts decoded_token

但是在Rails 5.1应用程序中,最好的方法是什么?

ruby-on-rails jwt
1个回答
2
投票

我想出了如何解决这个问题。所以我有一个类JsonWebTokenwith 2类方法:encodeand decodedefined如下:

class JsonWebToken

  ALGO = 'RS256'

  class << self

    def encode(payload, exp = 2.hours.from_now)
      # set expiry to 2 hours from creation time
      payload[:exp] = exp.to_i
      JWT.encode(payload, private_key, ALGO)
    end

    def decode(token)
      body = JWT.decode(token, private_key.public_key, true, algorithm: ALGO)[0]
      HashWithIndifferentAccess.new body
      # rescue from expiry exception
    rescue JWT::ExpiredSignature, JWT::VerificationError => e
      # raise custom error to be handled by custom handler
      raise ExceptionHandler::ExpiredSignature, e.message
    end  

    private

      def private_key
        @rsa_private ||= OpenSSL::PKey::RSA.generate 2048
      end
  end

end

我只是使用另一个私有静态方法来生成rsa私钥(如果需要)。

© www.soinside.com 2019 - 2024. All rights reserved.