我试图在GO中公开jwks端点,但我生成模数的方式似乎不正确. 有没有人已经做过了,可以告诉我我做错了什么?
以下是我如何生成我的密钥openssl genrsa -out private_key.pem 2048和公共部分openssl rsa -in private_key.pem -pubout -out public_key.pub
在我的围棋程序中,我是这样做的
var verifyKey *rsa.PublicKey
verifyBytes, err := ioutil.ReadFile("public_key.pub")
verifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes)
modulus := base64.StdEncoding.EncodeToString((*verifyKey.N).Bytes())
exponent := base64.StdEncoding.EncodeToString(big.NewInt(int64(verifyKey.E)).Bytes())
以下是密钥是如何公开的
func (s *ExtAuthzServer) ServeHTTP(response http.ResponseWriter, request *http.Request) {
if request.URL.Path == "/.well-known/jwks.json" {
log.Printf("[HTTP] jwks requested")
n := base64.StdEncoding.EncodeToString((*verifyKey.N).Bytes())
e := base64.StdEncoding.EncodeToString(big.NewInt(int64(verifyKey.E)).Bytes())
keys := PublicKeysData{
Keys: []KeyData{KeyData{"RSA", "go-ext-authz", "sig", n, e}},
}
response.WriteHeader(http.StatusOK)
b, _ := json.Marshal(keys)
_, _ = response.Write([]byte(b))
return
}
}
具有以下 struct 定义
type PublicKeysData struct {
Keys []KeyData `json:"keys"`
}
type KeyData struct {
Kty string `json:"kty"`
Kid string `json:"kid"`
Use string `json:"use"`
N string `json:"n"`
E string `json:"e"`
}
这是一个curl 的输出(我指的是HTTPie)
HTTP/1.1 200 OK
Content-Length: 419
Content-Type: text/plain; charset=utf-8
Date: Fri, 06 Jan 2023 16:35:48 GMT
{
"keys": [
{
"e": "AQAB",
"kid": "go-ext-authz",
"kty": "RSA",
"n": "pulIwmeoYdXIOS+vPMURqJsB2IhL3G+OIgMm8I7FqwgeM1Rf12kxycb8VbAVgaN+cMsVfFzxg+oiUqHW4af6dO503bNgZ88DemO/gT9J9Ob4EcmNNohVX28ts6qRmhOtTN0o4xV3cHXiJYL+JTf3U/GhyEK8bJcIgj1X8kNhl7X3gtza2Ft5S8t61ZepdQJdDIdzq7wpw2DTRJ76rvstOvzvLNjfhPhX48aFaw0tSJKw2LmoawHvUviP6tjro7gFUmLX6xolniv/1U/Uas8ZbNFPZBbUs1mjMccNErtUi02VZuHWqGtHL8v+n7rgso9NMd/ljU+BV/dB2KWnO6dD2Q==",
"use": "sig"
}
]
}