
我正在尝试配置 Auth0,但遇到了问题。我能够拿到令牌,在 jwt.io 上也能正确解码,但用 Python 解码时失败,并得到下面这个错误:

AuthError: ({'code': 'invalid_header', 'description': 'Unable to parse authentication token.'}, 400)

File "/usr/local/lib/python3.5/dist-packages/jose/jws.py", line 263, in _verify_signature
raise JWSSignatureError()
During handling of the above exception, another exception occurred:
File "/usr/local/lib/python3.5/dist-packages/jose/jwt.py", line 132, in decode
payload = jws.verify(token, key, algorithms, verify=verify_signature)
File "/usr/local/lib/python3.5/dist-packages/jose/jws.py", line 75, in verify
_verify_signature(signing_input, header, signature, key, algorithms)
File "/usr/local/lib/python3.5/dist-packages/jose/jws.py", line 265, in _verify_signature
raise JWSError('Signature verification failed.')
During handling of the above exception, another exception occurred:
File "/home/mike/fullstack2/auth0/app.py", line 86, in verify_decode_jwt
issuer='https://dcadventuresonline.us.auth0.com/'
File "/usr/local/lib/python3.5/dist-packages/jose/jwt.py", line 134, in decode
raise JWTError(e)

我可以使用以下代码获取令牌:


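@app.route('/callback')
def callback():
    """Request an Auth0 access token using the client-credentials grant.

    Posts the client id, client secret and audience to the tenant's
    ``/oauth/token`` endpoint and reads ``access_token`` from the JSON reply.

    Raises:
        KeyError: if a credential environment variable is unset, or the
            reply carries no ``access_token``.
        requests.HTTPError: if the token endpoint answers with an error status.
    """
    # Function-scope import keeps this snippet self-contained.
    import os

    # The client id and secret are credentials, so they are read from the
    # environment instead of being written into the source file. The
    # variable names are illustrative. A secret that has already been
    # published should be rotated in the Auth0 dashboard.
    payload = {'grant_type': 'client_credentials',
               'client_id': os.environ['AUTH0_CLIENT_ID'],
               'client_secret': os.environ['AUTH0_CLIENT_SECRET'],
               'audience': 'image'
               }
    request_headers = {'content-type': "application/x-www-form-urlencoded"}

    url = "https://dcadventuresonline.us.auth0.com/oauth/token"

    # Bound the call so a stalled token endpoint cannot hang the request.
    response = requests.post(url=url, headers=request_headers, data=payload,
                             timeout=10)
    # Surface an HTTP error status directly rather than as a KeyError below.
    response.raise_for_status()
    data = response.json()
    # The access token is a bearer credential, so it is not printed or logged.
    token = data['access_token']
    # NOTE(review): the posted snippet ends here; the view still has to
    # return a response to the client.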

但我无法使用以下代码对其进行解码:

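def verify_decode_jwt(token):
    """Verify an RS256 token against the tenant's JWKS and return its claims.

    The signing key is chosen by matching the ``kid`` in the token header
    against the keys published at the tenant's JWKS endpoint. The signature,
    expiry, audience and issuer are then checked by ``jwt.decode``.

    Args:
        token: the encoded JWT string.

    Returns:
        The decoded claims returned by ``jwt.decode``.

    Raises:
        AuthError: ``token_expired`` (401), ``invalid_claims`` (401), or
            ``invalid_header`` (400) when the token cannot be parsed or
            verified, or when no published key matches its ``kid``.
    """
    # The header is read before verification only to learn which published
    # key to verify with. Nothing else in it is trusted, and the accepted
    # algorithm stays pinned to RS256 below.
    try:
        unverified_header = jwt.get_unverified_header(token)
    except jwt.JWTError:
        raise AuthError({
            'code': 'invalid_header',
            'description': 'Unable to parse authentication token.'
        }, 400)

    # Close the connection deterministically and bound the fetch time.
    jwks_url = 'https://dcadventuresonline.us.auth0.com/.well-known/jwks.json'
    with urlopen(jwks_url, timeout=10) as jsonurl:
        jwks = json.loads(jsonurl.read().decode('utf-8'))

    token_kid = unverified_header.get('kid')
    rsa_key = {}

    # A JWKS document may publish several keys. Without the kid comparison
    # the loop keeps whichever key is listed last, and verification fails
    # with "Signature verification failed" for tokens signed by another key.
    for key in jwks['keys']:
        if token_kid is not None and key['kid'] == token_kid:
            rsa_key = {
                'kty': key['kty'],
                'kid': key['kid'],
                'use': key['use'],
                'n': key['n'],
                'e': key['e']
            }
            break

    if rsa_key:
        try:
            payload = jwt.decode(
                token,
                rsa_key,
                algorithms=['RS256'],
                audience='image',
                issuer='https://dcadventuresonline.us.auth0.com/'
            )

            return payload

        except jwt.ExpiredSignatureError:
            raise AuthError({
                'code': 'token_expired',
                'description': 'Token expired.'
            }, 401)

        except jwt.JWTClaimsError:
            raise AuthError({
                'code': 'invalid_claims',
                'description': 'Incorrect claims. Please, check the audience and issuer.'
            }, 401)
        except Exception:
            # Catch-all kept for caller compatibility. It also covers
            # signature failures, so the message under-describes them.
            raise AuthError({
                'code': 'invalid_header',
                'description': 'Unable to parse authentication token.'
            }, 400)
    raise AuthError({
        'code': 'invalid_header',
        'description': 'Unable to find the appropriate key.'
    }, 400)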

这里出了什么问题?
