In this lesson we will look at all of the pieces that combine together to create a JWT (j AWT) or JSON Web Token. You will use node to create a JWT, and then verify it in the JWT debugger.

What is the JSON Web Token structure?

JSON Web Tokens consist of three parts separated by dots (.), which are:

  • Header
  • Payload
  • Signature

Therefore, a JWT typically looks like the following.

xxxxx.yyyyy.zzzzz

Let's break down the different parts.

Create a header:

The header typically consists of two parts: the type of the token, which is JWT, and the hashing algorithm being used, such as HMAC SHA256 or RSA.

let header = {

  typ: 'JWT',

  alg: 'HS256'

};

header = new Buffer(JSON.stringify(header)).toString('base64');

console.log(header);

Create a paylaod:

The second part of the token is the payload, which contains the claims. Claims are statements about an entity (typically, the user) and additional metadata. There are three types of claims: reservedpublic, and privateclaims.

let payload = {

  iat: Date.now(),

  iss: 'nodebotanist',

  username: 'nodebotanist'

};

payload = new Buffer(JSON.stringify(payload)).toString('base64');

console.log("payload", payload);

Create a signature:

To create the signature part you have to take the encoded header, the encoded payload, a secret, the algorithm specified in the header, and sign that.

For example if you want to use the HMAC SHA256 algorithm, the signature will be created in the following way:

HMACSHA256(

  base64UrlEncode(header) + "." +

  base64UrlEncode(payload),

  secret)
let key = header + '.' + payload;

let signature = crypto.createHmac('sha256', 'zhentian');

signature.update(key);

key = signature.digest('base64');

let token = header + '.' +payload + '.' + key

console.log("token", token)

----------------

let header = {

  typ: 'JWT',

  alg: 'HS256'

};

header = new Buffer(JSON.stringify(header)).toString('base64');

console.log(header);

let payload = {

  iat: Date.now(),

  iss: 'nodebotanist',

  username: 'nodebotanist'

};

payload = new Buffer(JSON.stringify(payload)).toString('base64');

console.log("payload", payload);

let key = header + '.' + payload;

let signature = crypto.createHmac('sha256', 'zhentian');

signature.update(key);

key = signature.digest('base64');

let token = header + '.' +payload + '.' + key

console.log("token", token)

Debugger

最新文章

  1. Posix消息队列
  2. MySQL 存储过程 定时任务
  3. [转载]initwithcoder和 initwithframe
  4. delphi 712 Word 2
  5. Dashboards (Android)
  6. 各大Oj平台介绍[转]
  7. 我的"Hello World!"之旅
  8. UOJ#310.【UNR #2】黎明前的巧克力(FWT)
  9. Javaweb学习笔记——(十二)——————JSP指令:page指令、include指令、taglib指令,JavaBean,内省,EL表达式
  10. Excel中substitute替换函数的使用方法
  11. (转)postfix疯狂外发垃圾邮件之分析与解决
  12. 【LOJ】#2546. 「JSOI2018」潜入行动
  13. Verilog 加法器和减法器(4)
  14. vijos1746 floyd
  15. tfn2k工具使用介绍
  16. golang 切片小记
  17. C#获取Json字符串中的某个值
  18. google friendly testing
  19. 关于iframe和div窗口中ajax请求200状态时执行的回调问题
  20. 3D开源推荐:全球卫星地图 Esri-Satellite-Map

热门文章

  1. Windows server 2008下开启telnet功能
  2. 解决eclipse+tomcat7的中文乱码的一个方法
  3. SQL Server 行列转换
  4. *[codility]GenomicRangeQuery
  5. 坚持Delphi的厂商与产品
  6. springmvc工作流程
  7. 加快VisualStudio的开发速度--VS的一些开发技巧
  8. 《C#并行编程高级教程》第2章 命令式编程 笔记
  9. web网站加速之CDN(Content Delivery Network)技术原理
  10. golang安装卸载 linux+windows+raspberryPI 平台