我在 Web 应用程序中使用 warp 回复 json 格式为 oAuth 流程创建公钥/私钥对。私钥在 warp 端点中以 json 形式返回给 api 中的用户,如下所示,
实际产量
{
"token_uri": "http://example.com/token",
"kid": "keyid",
"private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC/Z0MgEolvLiwM\nNWpRR+xN6+sXNZh9HU7ignGMgieHz147D/ti7kD1cb14F9Sfp2CewfjwapdMjkhF\n/7sytl54ylNV5ID9EIBDlbbJ78IdEu4CzvbdhBP32k5IEQCACI4wMQmqLRj01Wbg\nl0ihNPkNFkuVxfmSC5ozJuiVXsR/rCg7GP9w880tkJI50ZoUNwClaLOXWph151Es\njc0HDgrYaDISzLB8qLxEBQCTBLz9OWz38rV0bfLGnBRYZjFx4gzkuZbjJfE2w3XQ\nuAl08A0THdNztffoWQLED98jxBj3Y5PRsiC9oqccKb51crohYe426GnfiaAGiPQy\njGI+2ZBRAgMBAAECggEAS+VjbZ1MF+UEHFc18EMHxaIt10cuTzZG6HR3GBMoH6cv\no1XkBceZxHm0eqFgc2pIWstprdNmaTnmGLOeBC7iaR05TE7Ogwp/Ac2k7JAAtcyi\nykRNCWttC5PqBJORUjOSRjO7tForkjHomFgEub+qnfDgSeR14N5u56efBFPOsRzf\nIjAMO6lkYcGHa9hFSpzCNp319gH4yIXL+jXUs+3oyOruHVWHtRVTriGZ7eFgs6lU\ngSt6+1V59gKjQtYHWWVEsE3f9YIB2zmFaQWHsK1qK3CAf5lNhsfDMXFNrNWSu+SB\nMPWcNdxY7tdbfjPC4srJSs/YIfhEhuqLK6cR6Z8gwQKBgQD4dNluCVPIllWiPi95\npeztrYDVmVYVDU0XKZ01EDqydDWJyUWYuMG77g/vPokrYHRB+rCYTDbpsO3d7qB9\ntJoTOhJ1juPqmgbUwZEKokb64KKg+JMGH0elAD0mlIcxrkkvppapA/WGTXV84Nf8\n4tTCWKoyUiyi8jZfby8rIpzAiQKBgQDFNvZraXsTcdikQQcAGclK6zdAVf0J1OE6\nb1zZFQhlao38hWz/NdbvwHvtqhNgx7r9eO3Jg250atFHm8YD+OTQPz2xBecbTBeY\n/F3tiD6NiL2TClBlaB7aR9KchaFypOmtR02UFPh4o0cX03s8D8qmr30MOBkjqgxm\nspNU35qPiQKBgQCdVnHyqtlx5zHngnXSFW9KvFsf6PCIeFnfVy0E03g4VjspPFpk\ncmvNNN7GZNW8sGIu/jAi4fDMYIzhxCHCOUJw9o+F/qz6ffvhc4sELuvAJ80VHxUM\nBXb7WIFhEyHiJjqWgGpcMfOjzx2drU1aCdMuF7QAFeXKcpRYLzKxoEOf8QKBgQCx\nw14Q6a4vk8HkJF0sARJI/oX57sg70XAG3RSC9AtyZr5/LMFXtW79ArJyQohfBwmM\nqjEkH90zAImNk2LEd9e/whFYfGqZV1g55NjBX7qKlwPSA0z+awDMXksAHQ+up+md\n8BSEcvaYvww49L4zIETZRHthxTsbw46UD0jwCvFliQKBgHfJRPg9u2OCZF+jOtK2\nswI2r+4/q7Ki7mBuHlnceRDfgb+1lvv2QmM0M/p6ijf7/SequksdJSr2jLmCp/K3\nHwSFaGgoHSt/nkcCCi7LR9fhM2MeLrEIV4E937Ii2wkt5/JXGwwYPbadELPb84On\nq0oUrqcHheFb4aCv1N5io6ok\n-----END PRIVATE KEY-----\n"
}
其中私钥带有换行符( ) 在 JSON 中。是否可以将私钥格式化为json格式,如下所示?
预期产量
{
"token_uri": "http://example.com/token",
"kid": "keyid",
"private_key": "-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC/Z0MgEolvLiwM
NWpRR+xN6+sXNZh9HU7ignGMgieHz147D/ti7kD1cb14F9Sfp2CewfjwapdMjkhF
/7sytl54ylNV5ID9EIBDlbbJ78IdEu4CzvbdhBP32k5IEQCACI4wMQmqLRj01Wbg
l0ihNPkNFkuVxfmSC5ozJuiVXsR/rCg7GP9w880tkJI50ZoUNwClaLOXWph151Es
jc0HDgrYaDISzLB8qLxEBQCTBLz9OWz38rV0bfLGnBRYZjFx4gzkuZbjJfE2w3XQ
uAl08A0THdNztffoWQLED98jxBj3Y5PRsiC9oqccKb51crohYe426GnfiaAGiPQy
jGI+2ZBRAgMBAAECggEAS+VjbZ1MF+UEHFc18EMHxaIt10cuTzZG6HR3GBMoH6cv
o1XkBceZxHm0eqFgc2pIWstprdNmaTnmGLOeBC7iaR05TE7Ogwp/Ac2k7JAAtcyi
ykRNCWttC5PqBJORUjOSRjO7tForkjHomFgEub+qnfDgSeR14N5u56efBFPOsRzf
IjAMO6lkYcGHa9hFSpzCNp319gH4yIXL+jXUs+3oyOruHVWHtRVTriGZ7eFgs6lU
gSt6+1V59gKjQtYHWWVEsE3f9YIB2zmFaQWHsK1qK3CAf5lNhsfDMXFNrNWSu+SB
MPWcNdxY7tdbfjPC4srJSs/YIfhEhuqLK6cR6Z8gwQKBgQD4dNluCVPIllWiPi95
peztrYDVmVYVDU0XKZ01EDqydDWJyUWYuMG77g/vPokrYHRB+rCYTDbpsO3d7qB9
tJoTOhJ1juPqmgbUwZEKokb64KKg+JMGH0elAD0mlIcxrkkvppapA/WGTXV84Nf8
4tTCWKoyUiyi8jZfby8rIpzAiQKBgQDFNvZraXsTcdikQQcAGclK6zdAVf0J1OE6
b1zZFQhlao38hWz/NdbvwHvtqhNgx7r9eO3Jg250atFHm8YD+OTQPz2xBecbTBeY
/F3tiD6NiL2TClBlaB7aR9KchaFypOmtR02UFPh4o0cX03s8D8qmr30MOBkjqgxm
spNU35qPiQKBgQCdVnHyqtlx5zHngnXSFW9KvFsf6PCIeFnfVy0E03g4VjspPFpk
cmvNNN7GZNW8sGIu/jAi4fDMYIzhxCHCOUJw9o+F/qz6ffvhc4sELuvAJ80VHxUM
BXb7WIFhEyHiJjqWgGpcMfOjzx2drU1aCdMuF7QAFeXKcpRYLzKxoEOf8QKBgQCx
w14Q6a4vk8HkJF0sARJI/oX57sg70XAG3RSC9AtyZr5/LMFXtW79ArJyQohfBwmM
qjEkH90zAImNk2LEd9e/whFYfGqZV1g55NjBX7qKlwPSA0z+awDMXksAHQ+up+md
8BSEcvaYvww49L4zIETZRHthxTsbw46UD0jwCvFliQKBgHfJRPg9u2OCZF+jOtK2
swI2r+4/q7Ki7mBuHlnceRDfgb+1lvv2QmM0M/p6ijf7/SequksdJSr2jLmCp/K3
HwSFaGgoHSt/nkcCCi7LR9fhM2MeLrEIV4E937Ii2wkt5/JXGwwYPbadELPb84On
q0oUrqcHheFb4aCv1N5io6ok
-----END PRIVATE KEY-----
}
在 Rust 代码中,我在将 Reply 实现为 Json 的函数中返回“ClientKey”结构,如下所示
结构
#[derive(Debug, Clone, Default, Serialize, Deserialize)]
pub struct ClientKey {
pub token_uri: String,
pub kid: String,
pub private_key: String,
}
函数返回
Ok(ClientKey {
kid, // random id generated using rand crate
private_key: format!("{}", pvt_key), // Generated from openssl and returned from a function in actual code
token_uri: format!("{}", "http://example.com/token")
})
扭曲回复功能
impl Reply for ClientKey {
fn into_response(self) -> Response {
warp::reply::json(&self).into_response()
}
}
这是无效的 JSON:
{
"token_uri": "http://example.com/token",
"kid": "keyid",
"private_key": "-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC/Z0MgEolvLiwM
NWpRR+xN6+sXNZh9HU7ignGMgieHz147D/ti7kD1cb14F9Sfp2CewfjwapdMjkhF
/7sytl54ylNV5ID9EIBDlbbJ78IdEu4CzvbdhBP32k5IEQCACI4wMQmqLRj01Wbg
l0ihNPkNFkuVxfmSC5ozJuiVXsR/rCg7GP9w880tkJI50ZoUNwClaLOXWph151Es
jc0HDgrYaDISzLB8qLxEBQCTBLz9OWz38rV0bfLGnBRYZjFx4gzkuZbjJfE2w3XQ
uAl08A0THdNztffoWQLED98jxBj3Y5PRsiC9oqccKb51crohYe426GnfiaAGiPQy
jGI+2ZBRAgMBAAECggEAS+VjbZ1MF+UEHFc18EMHxaIt10cuTzZG6HR3GBMoH6cv
o1XkBceZxHm0eqFgc2pIWstprdNmaTnmGLOeBC7iaR05TE7Ogwp/Ac2k7JAAtcyi
ykRNCWttC5PqBJORUjOSRjO7tForkjHomFgEub+qnfDgSeR14N5u56efBFPOsRzf
IjAMO6lkYcGHa9hFSpzCNp319gH4yIXL+jXUs+3oyOruHVWHtRVTriGZ7eFgs6lU
gSt6+1V59gKjQtYHWWVEsE3f9YIB2zmFaQWHsK1qK3CAf5lNhsfDMXFNrNWSu+SB
MPWcNdxY7tdbfjPC4srJSs/YIfhEhuqLK6cR6Z8gwQKBgQD4dNluCVPIllWiPi95
peztrYDVmVYVDU0XKZ01EDqydDWJyUWYuMG77g/vPokrYHRB+rCYTDbpsO3d7qB9
tJoTOhJ1juPqmgbUwZEKokb64KKg+JMGH0elAD0mlIcxrkkvppapA/WGTXV84Nf8
4tTCWKoyUiyi8jZfby8rIpzAiQKBgQDFNvZraXsTcdikQQcAGclK6zdAVf0J1OE6
b1zZFQhlao38hWz/NdbvwHvtqhNgx7r9eO3Jg250atFHm8YD+OTQPz2xBecbTBeY
/F3tiD6NiL2TClBlaB7aR9KchaFypOmtR02UFPh4o0cX03s8D8qmr30MOBkjqgxm
spNU35qPiQKBgQCdVnHyqtlx5zHngnXSFW9KvFsf6PCIeFnfVy0E03g4VjspPFpk
cmvNNN7GZNW8sGIu/jAi4fDMYIzhxCHCOUJw9o+F/qz6ffvhc4sELuvAJ80VHxUM
BXb7WIFhEyHiJjqWgGpcMfOjzx2drU1aCdMuF7QAFeXKcpRYLzKxoEOf8QKBgQCx
w14Q6a4vk8HkJF0sARJI/oX57sg70XAG3RSC9AtyZr5/LMFXtW79ArJyQohfBwmM
qjEkH90zAImNk2LEd9e/whFYfGqZV1g55NjBX7qKlwPSA0z+awDMXksAHQ+up+md
8BSEcvaYvww49L4zIETZRHthxTsbw46UD0jwCvFliQKBgHfJRPg9u2OCZF+jOtK2
swI2r+4/q7Ki7mBuHlnceRDfgb+1lvv2QmM0M/p6ijf7/SequksdJSr2jLmCp/K3
HwSFaGgoHSt/nkcCCi7LR9fhM2MeLrEIV4E937Ii2wkt5/JXGwwYPbadELPb84On
q0oUrqcHheFb4aCv1N5io6ok
-----END PRIVATE KEY-----"
}
我在私钥的最后一行添加了缺少的
"
字符。这不足以使数据成为有效的 JSON。
如注释中所述,控制字符不能出现在 JSON 字符串值中,必须进行转义。根据 RFC 8259:JavaScript 对象表示法 (JSON) 数据交换格式,第 7 节:字符串(粗体我的):
字符串的表示与 C 语言中使用的约定类似 编程语言家族。字符串的开头和结尾为 引号。所有 Unicode 字符都可以放置在 引号,除了必须转义的字符: 引号、反斜线和控制字符 (U+0000 通过 U+001F).
任何字符都可以被转义。如果角色在基本模式中 多语言平面(U+0000 到 U+FFFF),那么它可能是 表示为一个六字符序列:反向斜线,后面跟着 由小写字母 u 后跟四个十六进制数字 对字符的代码点进行编码。十六进制字母 A 到 F 可以是大写或小写。因此,例如,一个字符串 可以表示仅包含单个反斜线字符 作为“\u005C”。
或者,还有两个字符序列转义 一些流行角色的代表。因此,例如,一个 仅包含单个反斜线字符的字符串可能是 更紧凑地表示为“\”。
转义基本多语言中没有的扩展字符 Plane,字符表示为12个字符的序列, 对 UTF-16 代理项对进行编码。因此,例如,一个字符串 仅包含 G 谱号字符 (U+1D11E) 可以表示为 “\uD834\uDD1E”。
string = quotation-mark *char quotation-mark char = unescaped / escape ( %x22 / ; " quotation mark U+0022 %x5C / ; \ reverse solidus U+005C %x2F / ; / solidus U+002F %x62 / ; b backspace U+0008 %x66 / ; f form feed U+000C %x6E / ; n line feed U+000A %x72 / ; r carriage return U+000D %x74 / ; t tab U+0009 %x75 4HEXDIG ) ; uXXXX U+XXXX
请注意,“换行”是
U+000A
- 必须转义的控制字符之一。
OT:我确实希望这不是你真正的私钥。如果它是真实的,它就不再是私人的了。