微信公众号搜"智元新知"关注
微信扫一扫可直接关注哦!

Quarkus MP-JWT:如何生成密钥对?

分类:编程问答

如何解决Quarkus MP-JWT:如何生成密钥对?

我正在尝试解决此处显示的RBAC授权示例:https://quarkus.io/guides/security-jwt#generate-jwt-tokens。 Generatetoken类的代码与示例中的代码几乎相同,我只是删除了声明:

public class Generatetoken
{
  public static void main(String[] args)
  {
    String token = Jwt.issuer("CN=me,OU=quarkus,O=quarkus,C=FR").upn("me").groups(new HashSet<>(Arrays.asList("User","Admin"))).sign();
    log.info (">>> Generatetoken.main(): Token is {}",token);
  }
}

现在,我需要生成私钥和公钥.pem文件。我写了以下脚本:

keytool -genkey -keyalg RSA -keystore ./jks/selfsigned.jks -keysize 2048 -dname "CN=me,C=FR" 
keytool -exportcert -keystore ./jks/selfsigned.jks -rfc -file src/main/resources/meta-inf/resources/public-key.pem
keytool -importkeystore -srckeystore ./jks/selfsigned.jks -destkeystore ./jks/selfsigned.p12 -srcstoretype jks -deststoretype pkcs12 
openssl pkcs12 -in ./jks/selfsigned.p12 -nodes -nocerts -out src/test/resources/private-key.pem

据我所知,private-key.pem和public-key.pem文件是正确生成的。但是运行Generatetoken类会引发以下异常:

mvn exec:java -Dexec.classpathScope=test -Dsmallrye.jwt.sign.key-location=private-key.pem
[INFO] Scanning for projects...
... 
[INFO] --- exec-maven-plugin:1.6.0:java (default-cli) @ eclipse-microprofile ---
[WARNING] 
java.lang.NullPointerException
    at io.smallrye.jwt.build.impl.JwtSignatureImpl.keyAlgorithm (JwtSignatureImpl.java:186)
    at io.smallrye.jwt.build.impl.JwtSignatureImpl.signInternal (JwtSignatureImpl.java:150)
    at io.smallrye.jwt.build.impl.JwtSignatureImpl.sign (JwtSignatureImpl.java:72)
    at ... Generatetoken.main (Generatetoken.java:14)
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke (Method.java:566)
    at org.codehaus.mojo.exec.ExecJavaMojo$1.run (ExecJavaMojo.java:282)
    at java.lang.Thread.run (Thread.java:834)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  1.572 s
[INFO] Finished at: 2020-09-19T18:10:50+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.codehaus.mojo:exec-maven-plugin:1.6.0:java (default-cli) on project eclipse-microprofile: An exception occured while executing the Java class. null: NullPointerException -> [Help 1]

使用提供的publicKey.pem和privateKey.pem运行原始示例,当然可以正常工作。我在这里做什么错了?

非常感谢。

西摩玻璃

解决方法

我在回答自己的问题。由于某些原因,keytool似乎无法与MP-JWT一起使用,但是openssl可以。因此,以下命令将按预期运行,而不是上面的脚本:

openssl req -x509 -newkey rsa:2048 -nodes -keyout src/test/resources/private-key.pem -out src/main/resources/META-INF/resources/public-key.pem -days 365 -subj "/C=FR/O=quarkus/CN=me"

这将创建一个新的自签名证书,并将其公钥提取到文件src / main / resources / META-INF / resources / public-key.pem中,并将私有密钥提取到src / test / resources / private- key.pem。现在,运行mvn exec:java将起作用:

mvn exec:java -Dexec.mainClass=org.acme.security.jwt.GenerateToken -Dexec.classpathScope=test -Dsmallrye.jwt.sign.key-location=private-key.pem
[INFO] Scanning for projects...
[INFO] 
[INFO] ----< fr.simplex-software.aws.lambda.quarkus:eclipse-microprofile  >-----
[INFO] Building eclipse-microprofile 1.0-SNAPSHOT
[INFO] --------------------------------[ jar   ]---------------------------------
[INFO] 
[INFO] --- exec-maven-plugin:1.6.0:java (default-cli) @ eclipse-microprofile ---
sept. 21,2020 5:10:24 PM fr.simplex_software.aws.lambda.quarkus.GenerateToken  main
INFO: >>> GenerateToken.main(): Token is eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJDTj1uZHVtaW5pbCwgTz1TaW1wbGV4U29mdHdhcmUsIEM9RlIiLCJ1cG4iOiJuZHVtaW5pbCIsImdyb3VwcyI6WyJVc2VyIiwiQWRtaW4iXSwiaWF0IjoxNjAwNzAxMDIzLCJleHAiOjE2MDA3MDEzMjMsImp0aSI6Ik91U0kzM19PSVVYbkJCLWpkTjZyUmcifQ.L1RbrJ89nbaE2_xfiDaaVZ5Y00n8U3W5SFUhuwb6sgFaSXExFhziPYjhsqTZO5Rv0DRiz48GkmveP70c5EShS4gNuq8fw1ifvzUF4001oY4Pkgs-ZDZyTmjgWr9GElVr0nOGBhFE9qLMbCF9YcJt-dUgq0JzK93gj3BKi9wWpzFSPRdIZn9f6Xs-FPL7TyNwoHYEm4UYHY5AdxE4lsw0BbGCIgUUKZEO8iFsuOiEUvgosYiIwGdPC-16kOC-xINq2ObzPdHOZixEZGh9xb3tYFALxfxKX8UznckiMbXwc36qQ6WorJA1mPPuyMCKjE310rZzSx9fDiaO0-wGDAkq0A
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  1.768 s
[INFO] Finished at: 2020-09-21T17:10:24+02:00
[INFO] ------------------------------------------------------------------------

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。

苹果市值2025年有望达4万亿美元
pythonJavaScriptjavaHTMLPHPreactjsC#AndroidCSSNode.jssqlrpython-3.xMysqLjQueryc++pandasFlutterangularIOSdjangolinuxswifttypescript路由器JSON路由器设置无线路由器h3c华三华三路由器设置华三路由器电脑软件教程arraysdocker软件图文教程Cvue.jslaravelspring-boot