我已经用 Java 中的以前代码交叉了一些库。我在 Objective C 中找不到 JSONWebSignature 和 JSONWebEncyption 库的问题。
想知道如何在 Obj C 中实现以下代码:
//generate JWT Token
public static Map<String, String> generateJWT(String pubKey, RSAPrivateKey privKey, String keyID,
String issuer, String audience, int expireTime, int nbf, String subject, String ev){
Map<String, String> result = new HashMap<String, String>();
try {
RsaJsonWebKey eStatementJWK = (RsaJsonWebKey)PublicJsonWebKey.Factory.newPublicJwk(pubKey);//pubKeyCache.getIfPresent(bhCode)
eStatementJWK.setKeyId("rk1");
JwtClaims claims = new JwtClaims();
claims.setIssuer(issuer); // who creates the token and signs it
claims.setAudience(audience); // to whom the token is intended to be sent
claims.setExpirationTimeMinutesInTheFuture(expireTime); // time when the token will expire (10 minutes from now)
claims.setGeneratedJwtId(); // a unique identifier for the token
claims.setIssuedAtToNow(); // when the token was issued/created (now)
claims.setNotBeforeMinutesInThePast(nbf); // time before which the token is not yet valid (10 minutes ago)
claims.setSubject(subject); // the subject/principal is whom the token is about
claims.setClaim("ev",ev); // additional claims/attributes about the subject can be added
// A JWT is a JWS and/or a JWE with JSON claims as the payload.
// In this example it is a JWS nested inside a JWE
// So we first create a JsonWebSignature object.
JsonWebSignature jws = new JsonWebSignature();
//The payload of the JWS is JSON content of the JWT Claims
jws.setPayload(claims.toJson());
jws.setKey(privKey);
jws.setKeyIdHeaderValue("sk1");
// Set the signature algorithm on the JWT/JWS that will integrity protect the claims
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
// Sign the JWS and produce the compact serialization, which will be the inner JWT/JWS
// representation, which is a string consisting of three dot ('.') separated
// base64url-encoded parts in the form Header.Payload.Signature
String innerJwt = jws.getCompactSerialization();
// The outer JWT is a JWE
JsonWebEncryption jwe = new JsonWebEncryption();
// The output of the ECDH-ES key agreement will encrypt a randomly generated content encryption key
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.RSA_OAEP);
// The content encryption key is used to encrypt the payload
// with a composite AES-CBC / HMAC SHA2 encryption algorithm
String encAlg = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256;
jwe.setEncryptionMethodHeaderParameter(encAlg);
// We encrypt to the receiver using their public key
jwe.setKey(eStatementJWK.getPublicKey());
jwe.setKeyIdHeaderValue(eStatementJWK.getKeyId());
jwe.setHeader("keyID",keyID);
// A nested JWT requires that the cty (Content Type) header be set to "JWT" in the outer JWT
jwe.setContentTypeHeaderValue("JWT");
// The inner JWT is the payload of the outer JWT
jwe.setPayload(innerJwt);
// Produce the JWE compact serialization, which is the complete JWT/JWE representation,
// which is a string consisting of five dot ('.') separated
// base64url-encoded parts in the form Header.EncryptedKey.IV.Ciphertext.AuthenticationTag
String jwt = jwe.getCompactSerialization();
// Now you can do something with the JWT. Like send it to some other party
// over the clouds and through the interwebs.
System.out.println("JWT="+jwt);
result.put("s", "200");
result.put("v", jwt);
} catch(Exception e) {
e.printStackTrace();
System.out.println(e.getMessage());
result.put("s", "500");
result.put("v", e.getMessage());
}
return result;
}
希望有人能够回答这个问题。