golang通过RSA算法生成token,go从配置文件中注入密钥文件,go从文件中读取密钥文件,go RSA算法下token生成与解析;go java token共用
生活随笔
收集整理的這篇文章主要介紹了
golang通过RSA算法生成token,go从配置文件中注入密钥文件,go从文件中读取密钥文件,go RSA算法下token生成与解析;go java token共用
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
RSA算法 token生成與解析
本文演示兩種方式,一種是把密鑰文件放在配置文件中,一種是把密鑰文件本身放入項目或者容器中。
下面兩種的
區別在于私鑰公鑰的初始化,init方法,需要哪種取哪種。
-
通過文件讀取
-
首先是密鑰文件(privateKey),放在如config目錄下。
-----BEGIN RSA PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMu4IDG1XU6a7bXo
4V1jSnbKk9Eum2WguAyq+maCRcP9JoHlE/HmhPOjl91aN5gDHw3pgB7QMMkPkuyY
0aG9UiIo7PbBgjXsNBErprKa8G7GKhDN4B3m8jxEi1NLtCk2H8AEf8H/deGFXCde
fjQx0NcTbJ8STfbsqrLhOq2xzAgMBAAECgYEAg1kZMNOd8IOFxqb7P2o4ZbUh
b1rciL8CS/CleBiAgOgkvtWDcZFOoYQV83sqoxFIIYEuwS88dTZcZb32U5EsdYEx
JvJwAAYnzpch/YAz0llvXSHzZwNfGGvs4qt0d74bFpPfveli82wSKMlykeajP2Ro
RQpOniTYOWrJ01UHdUECQQDt1KTj/Xs5BNmEZAkJVmGekQROADk+ztceAe9UMj/J
s5xECdXVwuFh2Rm62MMQNNoW2Pjz4Y5NqhjRu0MMZnlTAkEA20hZsgA78aqTO7s+
+y/CLgP3Cd7uG/5RkcmjBWq2eXkt6wmazZl0BMYb7vshblnMjFXJwuOmfBJl7rTr
1fg8YQJAEo4Jg0QObgdj1QFc9x6HJTDZLiC0VqMag1vRSTdWZK0fnutJhJDctp6S
dFJe/Y+yCCBLY/OP/50qrIo4k+oWwwJAIn8hTTVoOL6C5xSv9cgvnhmVlYHyp4i8
wFieQs3k4vtDVARwzANmExIvdssfGUMbQMCGOxihKkeirYjcyQ6CQQJAbsbpzCjD
wd9JCogmTu/xYqtL898ek7LeNkhgIY2KhYtlptxlHfzgLBUgiSTNTcD1YWtSSp6u
A5ImxrryDYPmfg==
-----END RSA PRIVATE KEY-----
-
處理私鑰,生成token與解析
package mainimport ("crypto/rsa""crypto/x509""encoding/base64""errors""github.com/golang-jwt/jwt/v4""io/ioutil""log""time"
)var (publicKey *rsa.PublicKeyprivateKey *rsa.PrivateKey
)func main() {token, _ := createToken(privateKey)println("-------------")println(token)println("-------------")a1, _ := getSubFromToken(token)println(a1)
}func init() {publicKeyByte, err := ioutil.ReadFile("公鑰的路徑/public.key")if err != nil {log.Println(err.Error())}publicKey, err = jwt.ParseRSAPublicKeyFromPEM(publicKeyByte)privateKeyByte, err := ioutil.ReadFile("私鑰的路徑/private.key")if err != nil {log.Println(err.Error())}privateKey, _ = jwt.ParseRSAPrivateKeyFromPEM(privateKeyByte)
}// createToken 生成一個RS256驗證的Token
// Token里面包括的值,可以自己根據情況添加,
func createToken(privateKey *rsa.PrivateKey) (tokenStr string, err error) {expireTime := time.Now().Add(7 * 24 * time.Hour)var audi = jwt.ClaimStrings{"zwmgc",}var expir = jwt.NewNumericDate(expireTime)claim := jwt.RegisteredClaims{Audience: audi,ExpiresAt: expir, //過期時間//IssuedAt: time.Now().Unix(),Issuer: "simba-sdk", // 簽名頒發者Subject: "23258bd202e451a988234c2145d754a", //簽名主題}// jwt.SigningMethodHS256token := jwt.NewWithClaims(jwt.SigningMethodRS256, claim)tokenStr, _ = token.SignedString(privateKey)return
}// getSubFromToken 獲取Token的主題(也可以更改獲取其他值)
// 參數tokenStr指的是 從客戶端傳來的待驗證Token
// 驗證Token過程中,如果Token生成過程中,指定了iat與exp參數值,將會自動根據時間戳進行時間驗證
func getSubFromToken(tokenStr string) (sub string, err error) {// 基于公鑰驗證Token合法性token, err := jwt.Parse(tokenStr, func(token *jwt.Token) (interface{}, error) {// 基于JWT的第一部分中的alg字段值進行一次驗證if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {return nil, errors.New("驗證Token的加密類型錯誤")}return publicKey, nil})if err != nil {return}if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {return claims["sub"].(string), nil}return "", errors.New("token無效或者無對應值")
}-
通過配置文件或者字符串
package mainimport ("crypto/rsa""crypto/x509""encoding/base64""errors""github.com/golang-jwt/jwt/v4""io/ioutil""log""time"
)var (publicKey *rsa.PublicKeyprivateKey *rsa.PrivateKey
)func main() {token, _ := createToken(privateKey)println("-------------")println(token)println("-------------")a1, _ := getSubFromToken(token)println(a1)
}func init() {// 初始化 public Keyvar publicKeyStr = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLuCAxtV1Omu216OFdY0p2ypPR\n" +"LptloLgMqvpmgkXD/SaB5RPx5oTzo5fdWjeYAx8N6YAe0DDJD5LsmNGhvVIiKOz2\n" +"wYI17DQRK6aymvBuxioQzeAd5vI8RBH/B/3XhhVwnXn40MdDQxA3E\n" +"2yfEk327Kqy4TqtscwIDAQAB"publicKeyBinary := make([]byte, base64.StdEncoding.DecodedLen(len(publicKeyStr)))publicKeyLen, _ := base64.StdEncoding.Decode(publicKeyBinary, []byte(publicKeyStr))publicKeyBinary = publicKeyBinary[:publicKeyLen]pubInterface, _ := x509.ParsePKIXPublicKey(publicKeyBinary)publicKey = pubInterface.(*rsa.PublicKey)// 初始化 private Keyvar privateKeyStr = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMu4IDG1XU6a7bXo\n" +"4V1jSnbKk9Eum2WguAyq+maCRcP9JoHlE/HmhPOjl91aN5gDHw3pgB7QMMkPkuyY\n" +"0aG9UiIo7PbBgjXsNBErprKa8G7GKhDN4B3m8jxEi1NLtCk2H8AEf8H/deGFXCde\n" +"fjQx0NDEDcTbJ8STfbsqrLhOq2YEAg1kZMNOd8IOFxqb7P2o4ZbUh\n" +"b1rciL8CS/CleBiAgOgkvtWDcZFOoYQV83sqoxFIIYEuwS88dTZcZb32U5EsdYEx\n" +"JvJwAAYnzpch/YAz0llvXSHzZwNfGGvs4qt0d74bFpPfveli82wSKMlykeajP2Ro\n" +"RQpOniTYOWrJ01UHdUECQQDt1KTj/Xs5BNmEZAkJVmGekQROADk+ztceAe9UMj/J\n" +"s5xECdXVwuFh2Rm62MMQNNoW2Pjz4Y5NqhjRu0MMZnlTAkEA20hZsgA78aqTO7s+\n" +"+y/CLgP3Cd7uG/5RkcmjBWq2eXkt6wmazZl0BMYb7vshblnMjFXJwuOmfBJl7rTr\n" +"1fg8YQJAEo4Jg0QObgdj1QFc9x6HJTDZLiC0VqMag1vRSTdWZK0fnutJhJDctp6S\n" +"dFJe/Y+yCCBLY/OP/50qrIo4k+oWwwJAIn8hTTVoOL6C5xSv9cgvnhmVlYHyp4i8\n" +"wFieQs3k4vtDVARwzANmExIvdssfGUMbQMCGOxihKkeirYjcyQ6CQQJAbsbpzCjD\n" +"wd9JCogmTu/xYqtL898ek7LeNkhgIY2KhYtlptxlHfzgLBUgiSTNTcD1YWtSSp6u\n" +"A5ImxrryDYPmfg=="privateKeyBinary := make([]byte, base64.StdEncoding.DecodedLen(len(privateKeyStr)))privateKeyLen, _ := base64.StdEncoding.Decode(privateKeyBinary, []byte(privateKeyStr))privateKeyBinary = privateKeyBinary[:privateKeyLen]privateInterface, _ := x509.ParsePKCS8PrivateKey(privateKeyBinary)privateKey = privateInterface.(*rsa.PrivateKey)
}// createToken 生成一個RS256驗證的Token
// Token里面包括的值,可以自己根據情況添加,
func createToken(privateKey *rsa.PrivateKey) (tokenStr string, err error) {expireTime := time.Now().Add(7 * 24 * time.Hour)var audi = jwt.ClaimStrings{"zwmgc",}var expir = jwt.NewNumericDate(expireTime)claim := jwt.RegisteredClaims{Audience: audi,ExpiresAt: expir, //過期時間//IssuedAt: time.Now().Unix(),Issuer: "simba-sdk", // 簽名頒發者Subject: "23258bd202e451a988234c2145d754a", //簽名主題}// jwt.SigningMethodHS256token := jwt.NewWithClaims(jwt.SigningMethodRS256, claim)tokenStr, _ = token.SignedString(privateKey)return
}// getSubFromToken 獲取Token的主題(也可以更改獲取其他值)
// 參數tokenStr指的是 從客戶端傳來的待驗證Token
// 驗證Token過程中,如果Token生成過程中,指定了iat與exp參數值,將會自動根據時間戳進行時間驗證
func getSubFromToken(tokenStr string) (sub string, err error) {// 基于公鑰驗證Token合法性token, err := jwt.Parse(tokenStr, func(token *jwt.Token) (interface{}, error) {// 基于JWT的第一部分中的alg字段值進行一次驗證if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {return nil, errors.New("驗證Token的加密類型錯誤")}return publicKey, nil})if err != nil {return}if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {return claims["sub"].(string), nil}return "", errors.New("token無效或者無對應值")
}總結
以上是生活随笔為你收集整理的golang通过RSA算法生成token,go从配置文件中注入密钥文件,go从文件中读取密钥文件,go RSA算法下token生成与解析;go java token共用的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 总结一下在使用某里云服务器的过程中出现过
- 下一篇: 从言行合一到知行合一