3

我正在尝试验证从“使用 Apple 登录”服务获得的身份令牌。

文档说身份令牌是 JSON Web 令牌(JWT),但我得到的身份令牌格式如下:

identityToken = ZXlKcmFXUWlPaUpCU1VSUFVFc3hJaXdpWVd4bklqb2lVbE15TlRZaWZRLmV5SnBjM01pT2lKb2RIUndjem92TDJGd2NHeGxhV1F1WVhCd2JHVXVZMjl0SWl3aVlYVmtJam9pWTI5dExteHZiMjVuTG5Oa2F5NTBaWE4wTG05MlpYSnpaV0VpTENKbGVIQWlPakUxTnpBNE5qSTJPVElzSW1saGRDSTZNVFUzTURnMk1qQTVNaXdpYzNWaUlqb2lNREF4TURNNUxqSXpNemxrWXpReU9XWXhPVFExWW1NNVpqQXpZekU1T1RVeU1HUXlZMlUwTGpBek1EWWlMQ0pqWDJoaGMyZ2lPaUpoWkhZMFEyVnZSMjF5VDNWbVZrbG9SRzl4TFhobklpd2lZWFYwYUY5MGFXMWxJam94TlRjd09EWXlNRGt5ZlEuT19nTm1hTDdtd1hXcUpKX1ZIaElzT25IYWF4cnM0a1VWMVJzWjZwWEdHT1JFcnAxeXU0TzRzcWwtbnJrRl9xR2pRN2syLWxoQ25BWnRYOC13ektRNUM3M0NZZTFJRW1VTUFSS2ItYk1fdGx2YlVscmhXRGhkSjZSWVdpaTEwVklyN0oway1pZlEyb3lXUmRUTnNDTmpBaHM4SVMzYWxfQ0RqajhyY2hQa1djRHBKMGdqSm9Bamhua2hFRlllVWMxMWxaazFHVmRITXVoN3hqNUotVW1HNFNlczJ0OXBvcjZaTjZhc0lucENnM3lKaU5YREtMRDg2enRtc1NEem1rTGhFX2JLLWhaZlRRakNTSWx4TDJobm82NlVPbVJfMTNibDdsRmo0cTF3RVVQeFRCMDZGcTBBNkRXQ1lVa1ZaN0dScVhCWURDNUNqX2hhd2ZHUTIwandR

此令牌不是 JWT 格式。我应该如何处理身份令牌以获取 JWT 格式?

4

4 回答 4

9

我很确定您再次对字符串进行 base64 编码。做一串就行了

String(data: appleIdCredential.identityToken!, encoding: .utf8)
于 2020-03-22T18:21:33.060 回答
1

您的“使用 Apple 登录”可能有问题。那应该返回如下响应:

{
  "authorizationCode": ...,
  "identityToken": ...,
  "realUserStatus": ...,
  "user": ...
}

其中“identityToken”是您要查找的内容,即具有以下信息的 JWT 令牌:

{
  "iss": "https://appleid.apple.com",
  "aud": ...,
  "exp": 1575106544,
  "iat": 1575105944,
  "sub": ...,
  "c_hash": ...,
  "email": ...,
  "email_verified": "true",
  "is_private_email": "true",
  "auth_time": 1575105944
}

这是文档:https ://developer.apple.com/documentation/signinwithapplerestapi/authenticating_users_with_sign_in_with_apple

于 2019-11-30T09:45:26.323 回答
1

身份令牌将采用 base64 编码。您可以在调试器中将其打印出来,例如

po String(data: appleIdCredential.identityToken!, encoding: .utf8)!

然后你可以将它的输出复制到jwt.io以检查它的内容。

(您的示例值不是有效的 jwt 值,所以我不确定您从哪里得到它。)

于 2020-01-08T19:01:49.410 回答
0

只需将 id 令牌传递给解码功能

func decode(jwtToken jwt: String) -> [String: Any] {
  let segments = jwt.components(separatedBy: ".")
  return decodeJWTPart(segments[1]) ?? [:]
}

func base64UrlDecode(_ value: String) -> Data? {
  var base64 = value
    .replacingOccurrences(of: "-", with: "+")
    .replacingOccurrences(of: "_", with: "/")

  let length = Double(base64.lengthOfBytes(using: String.Encoding.utf8))
  let requiredLength = 4 * ceil(length / 4.0)
  let paddingLength = requiredLength - length
  if paddingLength > 0 {
    let padding = "".padding(toLength: Int(paddingLength), withPad: "=", startingAt: 0)
    base64 = base64 + padding
  }
  return Data(base64Encoded: base64, options: .ignoreUnknownCharacters)
}

func decodeJWTPart(_ value: String) -> [String: Any]? {
  guard let bodyData = base64UrlDecode(value),
    let json = try? JSONSerialization.jsonObject(with: bodyData, options: []), let payload = json as? [String: Any] else {
      return nil
  }

  return payload
}

喜欢:

让 jwt = 尝试解码(jwtToken: stringToken)

然后您可以获得所需的数据,例如:

让 _ = jwt[""] 作为?细绳

于 2021-03-31T16:22:56.790 回答