I am using the nimbus-jose-jwt library in Android to generate an encrypted JWT (JWE) and send it in the body of an APIGEE API request.
I generate the encrypted JWT with the following code:
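
    import android.os.Build;
    import androidx.annotation.RequiresApi;
    import com.google.gson.Gson;
    import com.nimbusds.jose.EncryptionMethod;
    import com.nimbusds.jose.JOSEException;
    import com.nimbusds.jose.JOSEObjectType;
    import com.nimbusds.jose.JWEAlgorithm;
    import com.nimbusds.jose.JWEHeader;
    import com.nimbusds.jose.JWEObject;
    import com.nimbusds.jose.Payload;
    import com.nimbusds.jose.crypto.RSAEncrypter;
    import java.io.Reader;
    import java.net.URL;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    import java.security.KeyFactory;
    import java.security.NoSuchAlgorithmException;
    import java.security.PublicKey;
    import java.security.interfaces.RSAPublicKey;
    import java.security.spec.InvalidKeySpecException;
    import java.security.spec.X509EncodedKeySpec;
    import java.util.HashMap;
    import java.util.Map;
    import javax.crypto.KeyGenerator;
    import javax.crypto.SecretKey;
    // Assumed source of Base64.decodeBase64: Apache Commons Codec
    import org.apache.commons.codec.binary.Base64;

    public class EncryptedJWTGenerator {
        String jweString;
        Map<String, Object> map = new HashMap<>();

        @RequiresApi(api = Build.VERSION_CODES.O)
        public EncryptedJWTGenerator() throws NoSuchAlgorithmException, JOSEException, InvalidKeySpecException {
            // Base64-encoded X.509 (SubjectPublicKeyInfo) RSA public key, redacted in the post
            String publicKey = <my_public_key>;
            try {
                // create Gson instance
                Gson gson = new Gson();
                URL url = getClass().getResource("Payload.json"); // JSON file containing the payload
                // create a reader
                Reader reader = Files.newBufferedReader(Paths.get(url.toURI().getPath()));
                // convert JSON file to map
                map = gson.fromJson(reader, Map.class);
                // print map entries
                for (Map.Entry<?, ?> entry : map.entrySet()) {
                    System.out.println(entry.getKey() + "=" + entry.getValue());
                }
                // close reader
                reader.close();
            } catch (Exception ex) {
                ex.printStackTrace();
            }
            JWEAlgorithm alg = JWEAlgorithm.RSA_OAEP_256;
            EncryptionMethod enc = EncryptionMethod.A256GCM;
            // Decode the public key and rebuild it as an RSA PublicKey
            byte[] publicBytes = Base64.decodeBase64(publicKey);
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicBytes);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PublicKey pubKey = keyFactory.generatePublic(keySpec);
            // Generate the preset Content Encryption Key (CEK)
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(EncryptionMethod.A256GCM.cekBitLength());
            SecretKey cek = keyGenerator.generateKey();
            // Header: alg = RSA-OAEP-256, enc = A256GCM, typ = JWT, all other parameters unset
            JOSEObjectType joseObjectType = new JOSEObjectType("JWT");
            JWEHeader jweHeader = new JWEHeader(alg, enc, joseObjectType, null, null, null, null, null, null, null, null, null, null,
                    null, null, null, null, 0, null, null, null, null);
            // Encrypt the JWE with the RSA public key + specified AES CEK
            JWEObject jweObject = new JWEObject(new JWEHeader(jweHeader), new Payload(map));
            jweObject.encrypt(new RSAEncrypter((RSAPublicKey) pubKey, cek));
            jweString = jweObject.serialize();
        }
    }
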
But when I use this JWE in the body of the API request, I get the following response:

    {
        "Code": 0,
        "Response": {},
        "Message": "Mandatory Fields are missing"
    }

But when I generate a JWE with this tool -> https://dinochiesa.github.io/jwt/
and use it with the APIGEE API, it works fine.
Am I missing something in my JWE generation code?