[JWT] JWT Signature With RS256 - Learn The Advantages Compared to HS256
2017-09-22 17:56
363 查看
The advantage of RS256 over HS256 is RS256 no longer need to share the secret key between client and server side.
To create a token, we need to private key, which should be kept safe. We can use third-party server such as Auth0 to generate private-public key paris.
The public key is used only to validate JWT token on the server, and cannot use public key to create a JWT token, so even the server is hacked, hacker still cannot use the information create a token to access the data.
Create a token:
Validate a token:
To create a token, we need to private key, which should be kept safe. We can use third-party server such as Auth0 to generate private-public key paris.
The public key is used only to validate JWT token on the server, and cannot use public key to create a JWT token, so even the server is hacked, hacker still cannot use the information create a token to access the data.
Create a token:
var jwt = require('jsonwebtoken'); var fs = require('fs'); var privateKey = fs.readFileSync('./demos/private.key'); var payload = { name: 'Alice' }; var token = jwt.sign(payload, privateKey, { algorithm: 'RS256', expiresIn: 120, subject: "1" }); console.log('RSA 256 JWT', token);
Validate a token:
var jwt = require('jsonwebtoken'); var fs = require('fs'); // verify an existing JWT var existingToken = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiQWxpY2UiLCJpYXQiOjE1MDI5MDMxNTcsImV4cCI6MTUwMjkwMzI3Nywic3ViIjoiMSJ9.KQJ-f3r4TNCLVrox1JaL5pxQAM6vSw4CNKj1lCf3HDWXGdIHW5rgD5odKpNBjrkbl1smjEL_ClLnFwG_iGDPKvu2bqktcrbXwi1-XUrY-jDKLkpoEHL2C9tGYnyDRl6Pg1SP97Hl-VWkGNyekYMerL8vh0RwgcK7y8UsuA33WgnP1DtfhKIghwcd493ARN4nBvmMJ11Zk35c7FBIN2w4Xl4ny8RU4l0_xy5DBF3JAKV1jilTHOKEvsrY8Ry3qRKaxxR6-QE_pfGOte3BRlt6544BUul1yI662tVAn1R28KXKnwCGAwo_HZ1kC-OrxmsjoXI4HDuHG2k5eRX-QC_W4Q'; var publicKey = fs.readFileSync('./demos/public.key'); console.log("verifying"); const verify = jwt.verify(existingToken, publicKey); console.log("Decoded JWT:", verify);
相关文章推荐
- Ambari学习10_ambari安装过程Registration with the server failed和[Errno 256] No more mirrors to try
- [JWT] JWT with HS256
- Learn to securely share files on the blockchain with IPFS!
- The good site to buy rs 2007 gold cheap on RSorder with pay by Paypal or Alipay without anyconfirmat
- How to Integrate the Zend Debug with Zend Eclipse-PHP (PDT) and XAMPP
- two improvement to the "drop all table with T-SQL" solution
- Learn to Tango with D
- You need to run build with JDK or have tools.jar on the classpath.
- Learn to live with Apache Hive in 12 easy steps
- How to use btt with blktrace to analysis the trace file
- SharePoint Debug - Failed to load resource: the server responded with a status of 500
- The specified named connection is either not found in the configuration, not intended to be used with the EntityClient provider, or not valid
- You need to use a Theme.AppCompat theme (or descendant) with this activity解决方法
- The SDK platform-tools version(24.0.1) is too old to check APIs compiled with API 25
- The 10 Best Open Source Projects You Should Be Volunteering To Help With
- Plaase select at least one of the signature versions to use 问题的解决
- 解决The SDK platform-tools version ((23)) is too old to check APIs compiled with API 23
- Winform: use the WebBrowser to display XML with xslt, xml, xslt 转 html 字符串
- How to mock the function with output parameter by cppumock?
- Error while preforming database login with the sql driver Unable to create...