最近我开始使用基于JWT的身份验证.在用户登录之后,生成用户令牌,其看起来像"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ".
它由三个部分组成,每个部分用点(.)分隔.第一部分是Base64编码的标题.解码后我们会得到类似{"alg":"HS256",//使用的算法"typ":"JWT"}
第二部分是索赔和Base64编码.解码后,我们会得到类似{"sub":"1234567890","name":"John Doe","admin":true}
第三部分是签名并生成
HMACSHA256(base64UrlEncode(header)+"."+ base64UrlEncode(payload), secret base64编码 )
现在这个密钥是什么以及如何生成这个密钥?
我尝试了一些在线生成器,如" http://kjur.github.io/jsjws/tool_jwt.html ",但dint得到了很多帮助.
当我上传大文件(大约50 MB)时,我得到 org.eclipse.jetty.io.EofException:早期的EOF感知.我的码头服务器版本是" 9.2.9.v20150224 ".Below是堆栈跟踪
org.eclipse.jetty.io.EofException: Early EOF
at org.eclipse.jetty.server.HttpInput$3.noContent(HttpInput.java:505) ~[jetty-server-9.2.9.v20150224.jar:9.2.9.v20150224]
at org.eclipse.jetty.server.HttpInput.read(HttpInput.java:124) ~[jetty-server-9.2.9.v20150224.jar:9.2.9.v20150224]
at org.apache.http.entity.InputStreamEntity.writeTo(InputStreamEntity.java:142) ~[httpcore-4.4.1.jar:4.4.1]
at org.apache.http.entity.HttpEntityWrapper.writeTo(HttpEntityWrapper.java:96) ~[httpcore-4.4.1.jar:4.4.1]
at org.apache.http.impl.client.EntityEnclosingRequestWrapper$EntityWrapper.writeTo(EntityEnclosingRequestWrapper.java:112) ~[httpclient-4.5.jar:4.5]
at org.apache.http.impl.entity.EntitySerializer.serialize(EntitySerializer.java:117) ~[httpcore-4.4.1.jar:4.4.1]
at org.apache.http.impl.AbstractHttpClientConnection.sendRequestEntity(AbstractHttpClientConnection.java:265) ~[httpcore-4.4.1.jar:4.4.1]
at org.apache.http.impl.conn.AbstractClientConnAdapter.sendRequestEntity(AbstractClientConnAdapter.java:231) ~[httpclient-4.5.jar:4.5]
at org.apache.http.protocol.HttpRequestExecutor.doSendRequest(HttpRequestExecutor.java:237) ~[httpcore-4.4.1.jar:4.4.1]
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:122) ~[httpcore-4.4.1.jar:4.4.1]
at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:685) ~[httpclient-4.5.jar:4.5]
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:487) ~[httpclient-4.5.jar:4.5]
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882) ~[httpclient-4.5.jar:4.5]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:117) ~[httpclient-4.5.jar:4.5]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) ~[httpclient-4.5.jar:4.5]
at org.apache.http.client.HttpClient$execute$2.call(Unknown Source) ~[na:na]
org.eclipse.jetty.io.EofException
at org.eclipse.jetty.io.ChannelEndPoint.flush(ChannelEndPoint.java:192)
at org.eclipse.jetty.io.WriteFlusher.flush(WriteFlusher.java:408)
at org.eclipse.jetty.io.WriteFlusher.write(WriteFlusher.java:302)
at org.eclipse.jetty.io.AbstractEndPoint.write(AbstractEndPoint.java:129)
at org.eclipse.jetty.server.HttpConnection$SendCallback.process(HttpConnection.java:676)
at org.eclipse.jetty.util.IteratingCallback.processing(IteratingCallback.java:246)
at org.eclipse.jetty.util.IteratingCallback.iterate(IteratingCallback.java:208)
at org.eclipse.jetty.server.HttpConnection.send(HttpConnection.java:471)
at org.eclipse.jetty.server.HttpChannel.sendResponse(HttpChannel.java:763)
at org.eclipse.jetty.server.HttpChannel.write(HttpChannel.java:801)
at …我正在编写一个python脚本,它将调用一个REST POST端点,但作为响应,我收到400 Bad Request,就好像我用curl做同样的请求,它返回200 OK.下面是python脚本的代码片段
import httplib,urllib
def printText(txt):
lines = txt.split('\n')
for line in lines:
print line.strip()
httpServ = httplib.HTTPConnection("127.0.0.1", 9100)
httpServ.connect()
params = urllib.urlencode({"externalId": "801411","name": "RD Core","description": "Tenant create","subscriptionType": "MINIMAL","features": {"capture":False,"correspondence": True,"vault": False}})
headers = {"Content-type": "application/json"}
httpServ.request("POST", "/tenants", params, headers)
response = httpServ.getresponse()
print response.status, response.reason
httpServ.close()
和相应的卷曲请求是
curl -iX POST \
-H 'Content-Type: application/json' \
-d '
{
"externalId": "801411",
"name": "RD Core seed data test",
"description": "Tenant for Core team seed data testing",
"subscriptionType": "MINIMAL", …