php editor Zimo may encounter the error message: "Invalid token signature: Invalid key type" when using go-jwt for token verification. This error is caused by a mismatch between the token's signature and the key type. The token signature is an important part of validating the token, and the key type specifies the algorithm used to generate and verify the signature. To solve this problem, we need to ensure that the token's signing algorithm is consistent with the key type. Next, we will detail how to properly configure and use go-jwt to avoid this error.
Error occurred
token signature is invalid: key is of invalid type
When trying to verify the jwt token. Use golang-jwt (v5) library.
Here's how I generate the token:
const ( secretkey = "162475e134198bd451af0b88a5defe132c72cb26fd58449772883b90c498b484" tokenlifespan = 4 ) func generatetoken() (string, error) { claims := jwt.mapclaims{} claims["authorized"] = true claims["foo"] = "bar" claims["exp"] = time.now().add(time.hour * time.duration(tokenlifespan)).unix() token := jwt.newwithclaims(jwt.signingmethodhs256, claims) return token.signedstring([]byte(secretkey)) }
This is the generated token:
This is how I verify the token:
func ValidateToken(c *gin.Context) error { token, err := GetToken(c) if err != nil { return err } _, ok := token.Claims.(jwt.MapClaims) if ok && token.Valid { return nil } return errors.New("invalid token provided") } func GetToken(c *gin.Context) (*jwt.Token, error) { tokenString := getTokenFromRequest(c) token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) } return token, nil }) return token, err } func getTokenFromRequest(c *gin.Context) string { bearerToken := c.Request.Header.Get("Authorization") splitToken := strings.Split(bearerToken, " ") if len(splitToken) == 2 { return splitToken[1] } return "" }
Any suggestions how to get it working? What am I missing? Thanks.
keyfuncUse the parse method as a callback function to provide the verification key. So it should return a key instead of parametertoken *jwt.token.
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) } - return token, nil + return []byte(secretKey), nil })
The above is the detailed content of go-jwt token validation error - invalid token signature: Invalid key type. For more information, please follow other related articles on the PHP Chinese website!
What is the difference between dubbo and zookeeper
How to skip online activation in win11
How to comment code in html
Bitcoin trading platform
How to set up WeChat anti-blocking function
The difference between win10 sleep and hibernation
What is the impact of closing port 445?
How to use localstorage
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
