我正在努力验证Azure AD令牌签名。
当我在下面的“ jwks_uri”字段中查找正确的键描述时
https://login.microsoftonline.com/common/.well-known/openid-configuration
我检查所属密钥数据。
我尝试使用“ n”-模数和“ e”字段来生成用于签名验证的公钥,但最终出现错误:
BASE64Decoder decoder = new BASE64Decoder();
byte[] modulusBytes = decoder.decodeBuffer(n);
byte[] exponentBytes = decoder.decodeBuffer(e);
BigInteger modulusInt = new BigInteger(1, modulusBytes);
BigInteger exponentInt = new BigInteger(1, exponentBytes);
try {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
RSAPublicKeySpec publicSpec = new RSAPublicKeySpec(modulusInt, exponentInt);
RSAPublicKey pubKey = (RSAPublicKey)keyFactory.generatePublic(publicSpec);
Jwt<Header, String> c = Jwts.parser().setSigningKey(pubKey).parsePlaintextJwt(token);
} catch (Exception ex) {
ex.printStackTrace();
}
安慰:
io.jsonwebtoken.SignatureException: Unable to verify RSA signature using configured PublicKey. Signature length not correct: got 256 but was …