公钥可配置

1 year ago · 8daa385306
parent 1035f72f72
commit 8daa385306
4 changed files with 78 additions and 26 deletions
--- a/docs/Jwt.md
+++ b/docs/Jwt.md
@ -0,0 +1,35 @@
+# JWT
+
+## 安装
+
+```shell
+go get git.tsl3060.com/openapi/go-security/jwt
+```
+
+将包放在你的项目文件夹下，并在 import 中添加以下内容:
+
+```golang
+import jwt "git.tsl3060.com/openapi/go-security/jwt"
+```
+
+## 基本使用
+
+### 获取服务器公钥
+
+访问[https://opendev.tsl3060.com/certs/publickey](https://opendev.tsl3060.com/certs/publickey)以获取服务器公钥
+
+### 配置并使用示例
+
+```golang
+// 设置公钥
+service, err := jwt.NewTokenService("public key")
+if err != nil {
+    return
+}
+// 校验解析token
+token, err := service.VerifyToken("token")
+if err != nil {
+    return
+}
+fmt.Println(token)
+```
--- a/jwt/jwt.go
+++ b/jwt/jwt.go
@ -1,37 +1,40 @@
 package jwt

 import (
-	"embed"
+	"crypto/rsa"
 	"errors"
 	"fmt"
 	"github.com/dgrijalva/jwt-go"
 )

+// TokenService 是用于 JWT 操作的服务
+type TokenService struct {
+	publicKey *rsa.PublicKey
+}
+
+// NewTokenService 创建一个新的 TokenService 实例
+func NewTokenService(publicKeyString string) (*TokenService, error) {
+	publicKey, err := jwt.ParseRSAPublicKeyFromPEM([]byte(publicKeyString))
+	if err != nil {
+		return nil, fmt.Errorf("解析公钥失败: %v", err)
+	}
+
+	return &TokenService{
+		publicKey: publicKey,
+	}, nil
+}
+
 // TokenData 用于存储解析的 token 数据
 type TokenData struct {
 	Expired   float64
 	Frequency float64
 }

-//go:embed server_public_key.pem
-var publicKeyEmbed embed.FS
-
 // VerifyToken 解析并验证 JWT，返回 TokenData 或错误
-func VerifyToken(tokenString string) (*TokenData, error) {
-	// 从文件中读取公钥
-	publicKeyPem, err := publicKeyEmbed.ReadFile("server_public_key.pem")
-	if err != nil {
-		return nil, fmt.Errorf("加载公钥失败: %v", err)
-	}
-
-	publicKey, err := jwt.ParseRSAPublicKeyFromPEM(publicKeyPem)
-	if err != nil {
-		return nil, fmt.Errorf("解析公钥失败: %v", err)
-	}
-
+func (j *TokenService) VerifyToken(tokenString string) (*TokenData, error) {
 	// 解析并验证 JWT
 	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
-		return publicKey, nil
+		return j.publicKey, nil
 	})

 	if err != nil {
--- a/jwt/server_public_key.pem
+++ b/jwt/server_public_key.pem
@ -1,9 +0,0 @@
-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ63ry9k3F2WExbOqaM7
-Kuacqt7U4ja5x6BomSoMp2TpgTRXOvTAMH+etRkqKDDPoHoNl23vryPQpx6v4tLn
-7onqhBexGV8EWjWyWkBOGI9LBvhjG5eWWwisnpUNlbeYUBanzxJEm6Fx0hqKK7Xy
-OXiwA0FotL7OEhfHaTEsp18EXkGSih9tZejLU5GITH26h/9sAz9Frdwe6NhZm712
-s8H7r63/ecd522JHqdVbmg7nj0dCwJ5fWLx1pnbDfaGD8PR7sfRSWs6f2NHBKgRk
-8sdD4l7Q38bpBIwhAjRiwWsj3+RQhS5BoTjunvysrMS1J6/nfQi97yJoedWUz2DS
-BQIDAQAB
-----END PUBLIC KEY-----
--- a/test/jwt_test.go
+++ b/test/jwt_test.go
@ -0,0 +1,23 @@
+package test
+
+import (
+	"fmt"
+	"git.tsl3060.com/openapi/go-security/jwt"
+	"testing"
+)
+
+func Test_Jwt(t *testing.T) {
+	t.Run("test jwt", func(t *testing.T) {
+		// 设置公钥
+		service, err := jwt.NewTokenService("public key")
+		if err != nil {
+			return
+		}
+		// 校验解析token
+		token, err := service.VerifyToken("token")
+		if err != nil {
+			return
+		}
+		fmt.Println(token)
+	})
+}