小贝子编程

Firebase PHP JWT "OpenSSL unable to verify data: error:0906D06C:PEM routines:PEM_read_bio:no start l



我通过应用引擎使用谷歌云PHP API。从客户端设备,通过POST发送带有Firebase验证令牌的请求。根据Firebase PHP JWT的文档,我正在尝试用以下代码解码令牌:

$decoded = JWT::decode($token, $key, array('RS256'));

$token是这样一行(出于安全原因,这是无效的):

eyJhbGciOiJSUzI1asdaNiIsImtpZCI6Ijk2N2Q3NzQ4YmM5NTMTIzNzRhZWQasdasd3MzEyYzcwNjEyZTRlNTM4NmUifQ.tuaAsjdlkjvsdngeoijAnlnbfgLkoosdfKLnm,werkldsfNkndfkdsnfkfnlNKL2i34nkNJioj4Kkoj234j%jij1kjojsdffds98giojerNNjasndasiNjasdnJAjnasdkjnFoFjoFJOIAASD8990adsaaDknnkngs.v_Ko6HZjrahbihLbw2Bm7EuslEC2SSHXNK79rDbD9qIIVYxPjCsubsdfkyAWDIoJHwjkM9TtssYS-1Cjd_xkXghfILuDZpzLsHV6rF20J4n3eUTrsnmLDHK6UB5N3yK2LYoF1UoFrsiyWenfqELfE4Gx5wlfmsylTS1foS2CWRrT1ccqmJBinWiY6JNUS-0gg-2Aecf_VJ63RD9308sBKy1DUsBeje9yG8w2YpYsAqKIlMTC-FqLLpHlKe4LZxcveiqSF4J6PgvcLSPTMmg7-Li_8m41O-wfU1zwSpS1SJ73RJNg-kvRZ1y1ll8ExqXjZkazRDVkYVo6yu5AXi1Onl6FqBLA

通过JWT检查令牌。IO会给我一个正确的有效载荷。

现在是$key部分。我已经从谷歌API控制台下载了默认服务帐户JSON文件。如果我使用"private_key",它看起来像:

-----BEGIN PRIVATE KEY-----n[VERY_LONG_PRIVATE_KEY]n-----END PRIVATE KEY-----n

我得到这个错误:

openssl_verify(): supplied key param cannot be coerced into a public key

我在StackOverflow上找到了一个答案,这可以用来将私钥转换为公钥:

$private_key = openssl_pkey_get_private($c->serviceAccount->private_key);
$details = openssl_pkey_get_details($private_key);
$public_key = $details['key']

因此,如果我使用$public_key代替,我将得到另一个错误,说明如下:

Uncaught exception 'DomainException' with message 'OpenSSL unable to verify data: error:0906D06C:PEM routines:PEM_read_bio:no start line

公钥如下:

-----BEGIN PUBLIC KEY-----n[VERY_LONG_KEY]n-----END PUBLIC KEY-----n

所以看起来应该可以工作。但事实并非如此。RS256算法也是正确的。

感谢任何帮助!

我在使用Node.js读取私钥时遇到了同样的错误 Error: error:0906D06C:PEM routines:PEM_read_bio:no start line

原来的问题是谷歌云将n转换成\n。当我把它转换回n时,它工作了。

const functions = require('firebase-functions');
const admin = require('firebase-admin');
const bigquery = require('@google-cloud/bigquery');
const config = functions.config();
admin.initializeApp(config.firebase);
const firestore = admin.firestore();
const sanitizePrivateKey = (key) =>
  key.replace(/\n/g, 'n');
/* firebase converts n to \n, we have to convert it back */
if (config.credentials) {
  config.credentials.private_key = sanitizePrivateKey(config.credentials.private_key);
}
const bigqueryClient = bigquery({
  projectId: 'screencastify-staging',
  // eslint-disable-next-line
  credentials: config.credentials,
});

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium