search

Alice52 / java-ocean

java-tutorial .We intend to explain Java knowledge in this repository.
MIT License
0 stars 0 forks source link

[security] jwt token #175

Open Alice52 opened 3 years ago

Alice52 commented 3 years ago

reference

  1. https://medium.com/trabe/validate-jwt-tokens-using-jwks-in-java-214f7014b5cf
  2. https://developer.okta.com/blog/2018/10/31/jwts-with-java
  3. https://vimsky.com/examples/detail/java-method-org.springframework.security.jwt.Jwt.verifySignature.html
  4. https://www.cnblogs.com/sui84/p/11710751.html
  5. https://stackoverflow.com/questions/49693409/verify-signature-using-jwt-java-jwt
  6. https://www.jianshu.com/p/50ade6f2e4fd
  7. https://www.cnblogs.com/shihaiming/p/9565835.html
  8. https://blog.csdn.net/sayyy/article/details/80662151
  9. https://github.com/jwtk/jjwt/issues/131
Alice52 commented 3 years ago

jwt token

  1. header

    • type: 类型
    • alg: 采用的算法

  2. payload

    • exp: 过期时间
    • aud: 受用者
    • iat: 颁发时间
    • iss: 颁发者
    • sub: jwt 面上的用户
    • 自定义信息: 明文, 注意信息安全

  3. signature

    • 前两部分不同, 则签名一般不同