我有水疗申请。每个客户端请求都包含一个从google https://developers.google.com/identity/protocols/OpenIDConnect检索的Authorization: Bearer <access_token>
(google创建JWT令牌)
当用@jwt_required
验证端点(顺便说一下graphQL端点)时,我得到了错误The specified alg value is not allowed
我尝试将configuration options调整为状态here,但运气不佳。(基本上是将JWT_ALGORITHM
或JWT_PUBLIC_KEY
设置为RS256,然后我得到JWT_PUBLIC_KEY must be set to use asymmetric cryptography algorithm "RS256"
或Could not deserialize key data.
以下是JWT谷歌形状:
标题:
"alg": "RS256",
"kid": "",
"typ": "JWT"
}
正文:
{
"iss": "https://accounts.google.com",
"azp": "some.apps.googleusercontent.com",
"aud": "some.apps.googleusercontent.com",
"sub": "some_uuid",
"email": "email@test.com",
"email_verified": true,
"at_hash": "",
"name": "use_full_name",
"picture": "https://lh3.googleusercontent.com/a-/some",
"given_name": "user_name",
"family_name": "last_name",
"locale": "en",
"iat": 1572189191,
"exp": 1572192791
}
感谢您的帮助!(继续努力)
目前没有回答
相关问题 更多 >
编程相关推荐