我目前正在使用库jwks-rsa。我想从identityServer4中提取公钥。
DecodedJWT jwt = JWT.decode(token);
try {
URL url = new URL("https://localhost:31300/.well-known/openid-configuration/jwks");
JwkProvider provider = new UrlJwkProvider(url);
Jwk jwk = null;
String kid = jwt.getKeyId();
jwk = provider.get(kid);
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) jwk.getPublicKey(), null);
algorithm.verify(jwt);
} catch (JwkException | MalformedURLException e) {
e.printStackTrace();
}
我在jwk=provider.get(kid)处得到错误。例外是com.auth0.jwk.SigningKeyNotFoundException: Cannot obtain jwks from url https://localhost:31300/.well-known/openid-configuration/jwks。然而,我可以通过postman
{
"keys": [
{
"kty": "RSA",
"use": "sig",
"kid": "0538f4763b647a8a01305774b9f4d5f1",
"e": "AQAB",
"n": "6h5hL5UfOW8SGFRNeVuU9M92p6cOWF-941vGqZ8y-PL6jC-B_2S7kp_Cw7SvOajd6CqBpQyiuP21pjhQILU4ikqq7-WbnxNZcvOQcYPLpUzupn5MBQkHk_bYONPInu-jU55FZhuYdO3sz0qS58AEqlnQbKZYLvU_KS_Ou4mSnTJr_hfwrk75cnsAMzhkVcsMt9GaSJZbj4zccIEUVQpiYLTY3gK_Nbym5ZKYfsayOHDSwLLsZchJ5VJnc1mAiZwGtszyjdCJSipQF_wdFcacmfGDwyXY4mnER32aT5Fo20lihnEJ5T1IXkwFMgWJVesiaHJQNqxAMEg86SWSN3_A0Q",
"alg": "RS256"
}
]
}
URL应该是IdentityServer的URL,如https://localhost:31300。而不是JWKS文档本身的完整路径。