diff --git a/docs/Jwt.md b/docs/Jwt.md
new file mode 100644
index 0000000..8fe13e8
--- /dev/null
+++ b/docs/Jwt.md
@@ -0,0 +1,35 @@
+# JWT
+
+## 安装
+
+```shell
+go get git.tsl3060.com/openapi/go-security/jwt
+```
+
+将包放在你的项目文件夹下,并在 import 中添加以下内容:
+
+```golang
+import jwt "git.tsl3060.com/openapi/go-security/jwt"
+```
+
+## 基本使用
+
+### 获取服务器公钥
+
+访问[https://opendev.tsl3060.com/certs/publickey](https://opendev.tsl3060.com/certs/publickey)以获取服务器公钥
+
+### 配置并使用示例
+
+```golang
+// 设置公钥
+service, err := jwt.NewTokenService("public key")
+if err != nil {
+ return
+}
+// 校验解析token
+token, err := service.VerifyToken("token")
+if err != nil {
+ return
+}
+fmt.Println(token)
+```
diff --git a/jwt/jwt.go b/jwt/jwt.go
index d642f77..3a2ad1c 100644
--- a/jwt/jwt.go
+++ b/jwt/jwt.go
@@ -1,37 +1,40 @@ package jwt import ( - "embed" + "crypto/rsa" "errors" "fmt" "github.com/dgrijalva/jwt-go" ) +// TokenService 是用于 JWT 操作的服务 +type TokenService struct { + publicKey *rsa.PublicKey +} + +// NewTokenService 创建一个新的 TokenService 实例 +func NewTokenService(publicKeyString string) (*TokenService, error) { + publicKey, err := jwt.ParseRSAPublicKeyFromPEM([]byte(publicKeyString)) + if err != nil { + return nil, fmt.Errorf("解析公钥失败: %v", err) + } + + return &TokenService{ + publicKey: publicKey, + }, nil +} + // TokenData 用于存储解析的 token 数据 type TokenData struct { Expired float64 Frequency float64 } -//go:embed server_public_key.pem -var publicKeyEmbed embed.FS - // VerifyToken 解析并验证 JWT,返回 TokenData 或错误 -func VerifyToken(tokenString string) (*TokenData, error) { - // 从文件中读取公钥 - publicKeyPem, err := publicKeyEmbed.ReadFile("server_public_key.pem") - if err != nil { - return nil, fmt.Errorf("加载公钥失败: %v", err) - } - - publicKey, err := jwt.ParseRSAPublicKeyFromPEM(publicKeyPem) - if err != nil { - return nil, fmt.Errorf("解析公钥失败: %v", err) - } - +func (j *TokenService) VerifyToken(tokenString string) (*TokenData, error) { // 解析并验证 JWT token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { - return publicKey, nil + return j.publicKey, nil }) if err != nil { diff --git a/jwt/server_public_key.pem b/jwt/server_public_key.pem deleted file mode 100644 index a01136a..0000000 --- a/jwt/server_public_key.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ63ry9k3F2WExbOqaM7 -Kuacqt7U4ja5x6BomSoMp2TpgTRXOvTAMH+etRkqKDDPoHoNl23vryPQpx6v4tLn -7onqhBexGV8EWjWyWkBOGI9LBvhjG5eWWwisnpUNlbeYUBanzxJEm6Fx0hqKK7Xy -OXiwA0FotL7OEhfHaTEsp18EXkGSih9tZejLU5GITH26h/9sAz9Frdwe6NhZm712 -s8H7r63/ecd522JHqdVbmg7nj0dCwJ5fWLx1pnbDfaGD8PR7sfRSWs6f2NHBKgRk -8sdD4l7Q38bpBIwhAjRiwWsj3+RQhS5BoTjunvysrMS1J6/nfQi97yJoedWUz2DS -BQIDAQAB ------END PUBLIC KEY----- \ No newline at end of file 
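Review bot: The key function passed to `jwt.Parse` in `VerifyToken` returns `j.publicKey` without looking at `token.Method`, so this code never pins the algorithm named in the token header and rejecting a non-RSA `alg` is left to the library's own key-type checks. I would add, before the return, `if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok { return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) }`. `NewTokenService` now takes the trust anchor from the caller instead of the embedded PEM, so its doc comment should state that the key must come from an authenticated source and be pinned by the integrator, and the parse error would be better wrapped with `%w` than `%v`. The body of `VerifyToken` continues past the end of the hunk, so the claim and expiry checks are not visible here.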
diff --git a/test/jwt_test.go b/test/jwt_test.go
new file mode 100644
index 0000000..6e1203e
--- /dev/null
+++ b/test/jwt_test.go
@@ -0,0 +1,23 @@
+package test
+
+import (
+ "fmt"
+ "git.tsl3060.com/openapi/go-security/jwt"
+ "testing"
+)
+
+func Test_Jwt(t *testing.T) {
+ t.Run("test jwt", func(t *testing.T) {
+ // 设置公钥
+ service, err := jwt.NewTokenService("public key")
+ if err != nil {
+ return
+ }
+ // 校验解析token
+ token, err := service.VerifyToken("token")
+ if err != nil {
+ return
+ }
+ fmt.Println(token)
+ })
+}
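Review bot: `Test_Jwt` cannot fail, because both `if err != nil { return }` branches exit silently; with the placeholder strings `"public key"` and `"token"` the first call presumably returns a parse error, so the test passes without ever reaching `VerifyToken`. For a verification library the rejection paths are the ones worth pinning: replace the silent returns with assertions, e.g. `if err == nil { t.Fatal("expected error for invalid PEM") }`. Then add cases built from an RSA key pair generated inside the test: a valid token, an expired token, a token signed by a different key, and a token whose header names a non-RSA algorithm. `fmt.Println(token)` should become `t.Logf("%+v", token)` so output is tied to the test.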