Go中无效的Json Web令牌

I am trying to make a Json web token authentication system with Go however I cant seem to get the parsing of the web token working. The error occurs in the following function.

func RequireTokenAuthentication(rw http.ResponseWriter, req *http.Request, next http.HandlerFunc) {
authBackend := InitJWTAuthenticationBackend()

jwtString := req.Header.Get("Authorization")


token, err := jwt.Parse(jwtString, func(token *jwt.Token) (interface{}, error) {
    if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {
        log.Println("Unexpected signing method")
        return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
    } else {
        log.Println("The token has been successfully returned")
        return authBackend.PublicKey, nil
    }
})

log.Println(token)
log.Println(token.Valid)

if err == nil && token.Valid && !authBackend.IsInBlacklist(req.Header.Get("Authorization")) {
    next(rw, req)
} else {
    rw.WriteHeader(http.StatusUnauthorized)
    log.P

rintln("Status unauthorized RequireTokenAuthentication")
    }
}

returns the following log

[negroni] Started GET /test/hello
2016/09/13 01:34:46 &{Bearer eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NzM5NzQ4OTAsImlhdCI6MTQ3MzcxNTY5MCwic3ViIjoiIn0.mnwEwdR8nuvdLo_4Ie43me7iph2LeSj1uikokgD6VJB7isjFPShN8E7eQr4GKwuIiLTi34_i6iJRpmx9qrPugkzvsoxX44qlFi6M7FDhVySRiYbBQwTCvKCpvhnsK8BHJyEgy813aaxOMK6sKZJoaKs5JYUvnNZdNqmENYj1BM6FdbGP-oLHuR_CJK0Pym1NMhv9zLI1rpJOGu4mfj1t4tHYZAEGirPnzYMamtrK6TyEFE6Xi4voEEadq7hXvWREg6wNSQsYgww8uOaIWLy1yLbhTkPmT8zfRwLLYLqS_UuZ0xIaSWO1mF2plvOzz1WlF3ZEHLS31T1egB1XL4WTNQe <nil> map[] <nil>  false}
2016/09/13 01:34:46 false
2016/09/13 01:34:46 Status unauthorized RequireTokenAuthentication
[negroni] Completed 401 Unauthorized in 71.628ms

and here is the cURL that I am using to initiate it

curl -H "Authorization: Bearer eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NzM5NzQ4OTAsImlhdCI6MTQ3MzcxNTY5MCwic3ViIjoiIn0.mnwEwdR8nuvdLo_4Ie43me7iph2LeSj1uikokgD6VJB7isjFPShN8E7eQr4GKwuIiLTi34_i6iJRpmx9qrPugkzvsoxX44qlFi6M7FDhVySRiYbBQwTCvKCpvhnsK8BHJyEgy813aaxOMK6sKZJoaKs5JYUvnNZdNqmENYj1BM6FdbGP-oLHuR_CJK0Pym1NMhv9zLI1rpJOGu4mfj1t4tHYZAEGirPnzYMamtrK6TyEFE6Xi4voEEadq7hXvWREg6wNSQsYgww8uOaIWLy1yLbhTkPmT8zfRwLLYLqS_UuZ0xIaSWO1mF2plvOzz1WlF3ZEHLS31T1egB1XL4WTNQe" http://localhost:5000/test/hello

I have also tried curl without Bearer

curl -H "Authorization:eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NzM5NzQ4OTAsImlhdCI6MTQ3MzcxNTY5MCwic3ViIjoiIn0.mnwEwdR8nuvdLo_4Ie43me7iph2LeSj1uikokgD6VJB7isjFPShN8E7eQr4GKwuIiLTi34_i6iJRpmx9qrPugkzvsoxX44qlFi6M7FDhVySRiYbBQwTCvKCpvhnsK8BHJyEgy813aaxOMK6sKZJoaKs5JYUvnNZdNqmENYj1BM6FdbGP-oLHuR_CJK0Pym1NMhv9zLI1rpJOGu4mfj1t4tHYZAEGirPnzYMamtrK6TyEFE6Xi4voEEadq7hXvWREg6wNSQsYgww8uOaIWLy1yLbhTkPmT8zfRwLLYLqS_UuZ0xIaSWO1mF2plvOzz1WlF3ZEHLS31T1egB1XL4WTNQe" http://localhost:5000/test/hello

The error is occurring because the token is invalid token.Valid = false I have generated it using the following process.

Here is the router

router.HandleFunc("/token-auth", controllers.Login).Methods("POST")

Here is the login controller

    func Login(w http.ResponseWriter, r *http.Request) {
    requestUser := new(models.User)
    decoder := json.NewDecoder(r.Body)
    decoder.Decode(&requestUser)    
    responseStatus, token := utils.Login(requestUser) //here the util file seen below is used
    w.Header().Set("Content-Type", "application/json")
    w.WriteHeader(responseStatus)
    w.Write(token)

}

This is the util file

    func Login(requestUser *models.User) (int, []byte) {
        authBackend := authentication.InitJWTAuthenticationBackend()

        if authBackend.Authenticate(requestUser) {
            token, err := authBackend.GenerateToken(requestUser.UUID)
            if err != nil {
                return http.StatusInternalServerError, []byte("")
            } else {
                response, _ := json.Marshal(parameters.TokenAuthentication{token})
                return http.StatusOK, response
            }
        }
        return http.StatusUnauthorized, []byte("")
    }

and here is the method used to generate the token

    func (backend *JWTAuthenticationBackend) GenerateToken(userUUID string) (string, error) {
    token := jwt.New(jwt.SigningMethodRS512)

    claims := token.Claims.(jwt.MapClaims)

    claims["exp"] = time.Now().Add(time.Hour * time.Duration(settings.Get().JWTExpirationDelta)).Unix()
    claims["iat"] = time.Now().Unix()
    claims["sub"] = userUUID

    tokenString, err := token.SignedString(backend.privateKey)
    if err != nil {
        panic(err)
        return "", err
    }

    return tokenString, nil
}

How do I fix the Token Parsing system so that the token is valid? If you need any additional information I would be more than happy to make an edit with the respective information. Thank

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dongshen9686 2016-09-13 00:38
关注
The error returned by jwt.Parse() says

tokenstring should not contain 'bearer '

So if you remove "Bearer ":

jwtString = strings.Split(jwtString, "Bearer ")[1]

you get a bit further

The token has been successfully returned

however now there's a new error:

key is of invalid type

Sorry it's not a complete answer!
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(1条)

报告相同问题？

关注问题

如何使用jwt-go库验证JSON Web令牌？
2016-01-03 15:41

回答 1 已采纳 The keyFunc is supposed to return the private key that the library should use to verify the token'
前端json中的list如何获取 json 有问必答
2021-06-10 17:05

回答 4 已采纳那个是字符串，你不能直接那么取。先用eval()方法转为json对象，然后再从对象中取。 var obj = eval(str); var saleInvoiceDetails = obj.da
Web服务中的JSON javascript json php
2017-03-21 18:30

回答 2 已采纳 You can think about it in this way: You go to the website X, and your browser (client) sends req
4.JWT（JSON Web Token，JSON令牌）
2023-04-24 10:25

未禾的博客 JSON Web令牌（JWT）是一个开放标准（RFC 7519），它定义了一种紧凑且自包含的方式，用于在各方之间作为JSON对象安全地传输信息。由于此信息是经过数字签名的，因此可以被验证和信任。可以使用秘密（使用HMAC算法）...
请教一点JS前端问题,JS函数中调用JSON数据. javascript json 前端有问必答
2022-03-13 20:52

回答 3 已采纳用ajax加载，本地file浏览要配置过chrome允许ajax请求本地文件，否则有跨域问题。如何配置参考下面的文章配置chrome支持本地（file协议）ajax请
Golang json。解组字符串文字中的无效字符' ' json
2019-06-10 07:28

回答 1 已采纳 Simply escaping the newline character should do the trick: var val []byte = []byte(`"{\"channel\"
从Golang中的json数组中删除特定元素 json
2017-01-27 11:36

回答 1 已采纳 Let's say that you have successfully parsed your data to struct. And you would have an array of yo
如何实现刷新令牌功能前端
2020-10-11 06:33

weixin_26714477的博客 Before you proceed with this article there are certain things you should be aware of: 前端应用程序中的安全性根据要求而有所不同，作为工程师，您的任务是要满足这些要求，同时为用户保留出色的体验。...
如何在Go中动态处理JSON响应中的缺失字段 json
2019-07-09 21:21

回答 1 已采纳 I finally managed to make it work with an ugly workaround. I changed my struct to type Stats stru
请问前端怎么解析这种json数据。 javascript json 前端
2021-11-10 11:05

回答 2 已采纳 js对象数组解析_是我哇-CSDN博客_js解析数组对象 js中的数组对象解析~var testData=[{id:0,name:'q',
Golang中的JSON元帅arraylist json
2018-10-30 10:50

回答 2 已采纳 You have multiple issues here: Tag names don't match the JSON input, e.g. id_employee vs IDEmplo
【JWT】json web token（jwt）详解 & 集成jwt到gin & 解决前后端的跨域问题
2022-11-10 15:14

Jzin的博客 json web token（jwt）详解 & 集成jwt到gin & 解决前后端的跨域问题
有效地从JSON文件中删除无效字符？ json
2018-08-20 13:29

回答 1 已采纳 There are several significant issues with this code causing it to behave not as intended. I've not
JWT（JSON Web Token）自动延长到期时间
2020-05-07 09:21

asdfgh0077的博客本文翻译自：JWT (JSON Web Token) automatic prolongation of expiration I would like to implement JWT-based authentication to our new REST API. 我想对我们的新REST API实现基于JWT的身份验证。 But since ...
2023前端面试题汇总
2023-03-09 17:58

下雪不过冬天的博客 2023前端基础面试题汇总
没有解决我的问题, 去提问

悬赏问题

¥20 ML307A在使用AT命令连接EMQX平台的MQTT时被拒绝
¥20 腾讯企业邮箱邮件可以恢复么
¥15 有人知道怎么将自己的迁移策略布到edgecloudsim上使用吗？
¥15 错误 LNK2001 无法解析的外部符号
¥50 安装pyaudiokits失败
¥15 计组这些题应该咋做呀
¥60 更换迈创SOL6M4AE卡的时候，驱动要重新装才能使用，怎么解决？
¥15 让node服务器有自动加载文件的功能
¥15 jmeter脚本回放有的是对的有的是错的
¥15 r语言蛋白组学相关问题

Go中无效的Json Web令牌

2条回答 默认 最新

悬赏问题

2条回答默认最新