我正在尝试进行后端苹果登录,它看起来很好,直到行jwk = JWT::JWK.import(keyHash)它总是返回错误无效base64。我使用的是gem jwt 2.2.1版和Ruby 2.2.4
begin
header_segment = JSON.parse(Base64.decode64(jwt.split(".").first))
alg = header_segment["alg"]
kid = header_segment["kid"]
apple_response = Net::HTTP.get(URI.parse(GET_PK_APPLE_URL))
apple_certificate = JSON.parse(apple_response)
keyHash = ActiveSupport::HashWithIndifferentAccess.new(apple_certificate["keys"].select {|key| key["kid"] == kid}[0])
jwk = JWT::JWK.import(keyHash)
token_data = JWT.decode(jwt, jwk.public_key, true, {algorithm: alg})[0]
if token_data.has_key?("sub") && token_data.has_key?("email") && userIdentity == token_data["sub"]
puts "Name: " + name + " is validated."
login_or_create_user('apple')
else
render_error
end
rescue StandardError => e
render_error
end
我发现了这个问题,jwt gem有一个openssl依赖项,openssl需要Ruby的一个更实际的版本,由于其他原因,我现在无法更改我的Ruby版本,所以我需要更改代码以在不使用```jwt::JWK.import(keyHash(````的情况下获得JWK。我还需要使用UrlSafeBase64 gem。
begin
header_segment = JSON.parse(Base64.decode64(jwt.split(".").first))
alg = header_segment["alg"]
kid = header_segment["kid"]
apple_response = Net::HTTP.get(URI.parse(LOGIN_APPLE_URL))
apple_certificate = JSON.parse(apple_response)
keyHash = ActiveSupport::HashWithIndifferentAccess.new(apple_certificate["keys"].select {|key| key["kid"] == kid}[0])
key = OpenSSL::PKey::RSA.new
key.e = OpenSSL::BN.new(UrlSafeBase64.decode64(keyHash["e"]), 2)
key.n = OpenSSL::BN.new(UrlSafeBase64.decode64(keyHash["n"]), 2)
token_data = JWT.decode(jwt, key, true, {algorithm: alg})[0]
if token_data.has_key?("sub") && token_data.has_key?("email") && userIdentity == token_data["sub"]
login_or_create_user('apple')
else
render_error
end
rescue StandardError => e
render_error
end