Home  >  Article  >  Backend Development  >  go-jwt token validation error - invalid token signature: Invalid key type

go-jwt token validation error - invalid token signature: Invalid key type

王林
王林forward
2024-02-08 21:15:31429browse

go-jwt 令牌验证错误 - 令牌签名无效:密钥类型无效

php editor Zimo may encounter the error message: "Invalid token signature: Invalid key type" when using go-jwt for token verification. This error is caused by a mismatch between the token's signature and the key type. The token signature is an important part of validating the token, and the key type specifies the algorithm used to generate and verify the signature. To solve this problem, we need to ensure that the token's signing algorithm is consistent with the key type. Next, we will detail how to properly configure and use go-jwt to avoid this error.

Problem content

Error occurred

token signature is invalid: key is of invalid type

When trying to verify the jwt token. Use golang-jwt (v5) library.

Here's how I generate the token:

const (
    secretkey     = "162475e134198bd451af0b88a5defe132c72cb26fd58449772883b90c498b484"
    tokenlifespan = 4
)

func generatetoken() (string, error) {
    claims := jwt.mapclaims{}
    claims["authorized"] = true
    claims["foo"] = "bar"
    claims["exp"] = time.now().add(time.hour * time.duration(tokenlifespan)).unix()
    token := jwt.newwithclaims(jwt.signingmethodhs256, claims)

    return token.signedstring([]byte(secretkey))
}

This is the generated token:

This is how I verify the token:

func ValidateToken(c *gin.Context) error {
    token, err := GetToken(c)

    if err != nil {
        return err
    }

    _, ok := token.Claims.(jwt.MapClaims)
    if ok && token.Valid {
        return nil
    }

    return errors.New("invalid token provided")
}

func GetToken(c *gin.Context) (*jwt.Token, error) {
    tokenString := getTokenFromRequest(c)
    token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
        if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
            return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
        }

        return token, nil
    })
    return token, err
}

func getTokenFromRequest(c *gin.Context) string {
    bearerToken := c.Request.Header.Get("Authorization")

    splitToken := strings.Split(bearerToken, " ")
    if len(splitToken) == 2 {
        return splitToken[1]
    }
    return ""
}

Any suggestions how to get it working? What am I missing? Thanks.

Workaround

keyfunc Use the parse method as a callback function to provide the verification key. So it should return a key instead of parameter token *jwt.token.

token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
    if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
        return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
    }

-   return token, nil
+   return []byte(secretKey), nil
  })

The above is the detailed content of go-jwt token validation error - invalid token signature: Invalid key type. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:stackoverflow.com. If there is any infringement, please contact admin@php.cn delete