我使用Codeigniter和JWT-library为我的Auth0 API生成JWT令牌 . 如果我在jwt.io上检查生成的令牌并写下我的秘密我也会解码令牌 . 当我尝试在Auth0 API上使用生成的令牌时,我收到了错误:
{
"statusCode": 401,
"error": "Unauthorized",
"message": "Invalid signature received for JSON Web Token validation",
"attributes": {
"error": "Invalid signature received for JSON Web Token validation"
}
}
我的代码是下一个:
$this->load->library("JWT");
$CONSUMER_KEY = 'xxxxxxxxxxxxxxxxxxxx';
$CONSUMER_SECRET = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$token = $this->jwt->encode(array(
'aud'=>$CONSUMER_KEY,
'scopes'=>array('users'=>array('actions'=>array('read'))),
'iat'=>strtotime("now"),
'jti'=>'RApplrxJ7rrlTDM6swoY2tV2azr5fo5b' //random string
), $CONSUMER_SECRET);
有谁知道如何解决这个问题并验证令牌签名?
更新:现在我注意到,如果选中“secret base64 encoded”,我的签名无效,应该已经检查过了 .
提前致谢