Home > Backend Development > Golang > go-jwt token validation error - invalid token signature: Invalid key type

go-jwt token validation error - invalid token signature: Invalid key type

王林
Release: 2024-02-08 21:15:31
forward
469 people have browsed it

go-jwt 令牌验证错误 - 令牌签名无效:密钥类型无效

php editor Zimo may encounter the error message: "Invalid token signature: Invalid key type" when using go-jwt for token verification. This error is caused by a mismatch between the token's signature and the key type. The token signature is an important part of validating the token, and the key type specifies the algorithm used to generate and verify the signature. To solve this problem, we need to ensure that the token's signing algorithm is consistent with the key type. Next, we will detail how to properly configure and use go-jwt to avoid this error.

Problem content

Error occurred

token signature is invalid: key is of invalid type
Copy after login

When trying to verify the jwt token. Use golang-jwt (v5) library.

Here's how I generate the token:

const (
    secretkey     = "162475e134198bd451af0b88a5defe132c72cb26fd58449772883b90c498b484"
    tokenlifespan = 4
)

func generatetoken() (string, error) {
    claims := jwt.mapclaims{}
    claims["authorized"] = true
    claims["foo"] = "bar"
    claims["exp"] = time.now().add(time.hour * time.duration(tokenlifespan)).unix()
    token := jwt.newwithclaims(jwt.signingmethodhs256, claims)

    return token.signedstring([]byte(secretkey))
}
Copy after login

This is the generated token:

This is how I verify the token:

func ValidateToken(c *gin.Context) error {
    token, err := GetToken(c)

    if err != nil {
        return err
    }

    _, ok := token.Claims.(jwt.MapClaims)
    if ok && token.Valid {
        return nil
    }

    return errors.New("invalid token provided")
}

func GetToken(c *gin.Context) (*jwt.Token, error) {
    tokenString := getTokenFromRequest(c)
    token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
        if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
            return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
        }

        return token, nil
    })
    return token, err
}

func getTokenFromRequest(c *gin.Context) string {
    bearerToken := c.Request.Header.Get("Authorization")

    splitToken := strings.Split(bearerToken, " ")
    if len(splitToken) == 2 {
        return splitToken[1]
    }
    return ""
}
Copy after login

Any suggestions how to get it working? What am I missing? Thanks.

Workaround

keyfunc Use the parse method as a callback function to provide the verification key. So it should return a key instead of parameter token *jwt.token.

token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
    if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
        return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
    }

-   return token, nil
+   return []byte(secretKey), nil
  })
Copy after login

The above is the detailed content of go-jwt token validation error - invalid token signature: Invalid key type. For more information, please follow other related articles on the PHP Chinese website!

source:stackoverflow.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template