<p>我正在尝试获取 jwt 令牌，但每次我尝试的所有操作都会出现错误。以下是我尝试过的事情。我确实在没有包的情况下获得了 jwt-token，但是当我使用 jwt.io 检查签名验证时，每次都会失败。使用该软件包时，我遇到了不同的错误，例如<em>私钥无法强制执行</em>，有时<em>算法无效</em>。请纠正我哪里搞砸了。</p> <ul> <li><strong>没有 php-Jwt</strong></li> </ul> <pre class="brush:php;toolbar:false;">$header = [ 'alg' =&gt; &quot;RS384&quot;, 'typ' =&gt; &quot;JWT&quot; ]; $payload = [ 'iss' =&gt; 'my-client-id', 'sub' =&gt; 'my-client-id', 'aud' =&gt; &quot;https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token&quot;, 'jti' =&gt; (string)strtotime(gmdate(&quot;Y-m-d H:i:s&quot;)), 'exp' =&gt; strtotime(gmdate(&quot;Y-m-d H:i:s&quot;)) + 270, ]; $privateKey = &quot;my private Key&quot; $headers_encoded = $this-&gt;base64url_encode(json_encode($header)); $payload_encoded = $this-&gt;base64url_encode(json_encode($payload)); $signature = hash_hmac('sha384', $headers_encoded.'.'.$payload_encoded, $privateKey, true); // Encode the signature as a base64url string $signature_encoded = $this-&gt;base64url_encode($signature); $jwt = $headers_encoded.'.'.$payload_encoded.'.'.$signature_encoded;</pre> <p><strong>- 使用 php-jwt</strong></p> <ol> <li>安装了该软件包 <em>作曲家需要 firebase/php-jwt --ignore-platform-req=ext-mongodb</em></li> <li>在我的控制器中使用了所需的文件</li> </ol> <pre class="brush:php;toolbar:false;">use Firebase\JWT\JWT; use Firebase\JWT\Key;</pre> <ol start="3"> <li>尝试编码：</li> </ol> <pre class="brush:php;toolbar:false;">$check = JWT::encode( $header, $payload, $privateKey, 'RS384' );</pre> <p>我收到不同的错误，例如<em>无法强制执行私钥</em>，有时<em>算法无效</em>。请纠正我哪里搞砸了。</p> <p>简单来说，这就是我正在做或正在尝试做的事情。我的代码的通用形式：</p> <pre class="brush:php;toolbar:false;">&lt;?php // Load the private key from a file $privateKey = file_get_contents('private.key'); // Set the header and payload for the JWT $header = [ 'alg' =&gt; 'RS384', 'typ' =&gt; 'JWT' ]; $payload = [ 'sub' =&gt; '1234567890', 'name' =&gt; 'John Doe', 'iat' =&gt; 1516239022 ]; // Encode the header and payload as JSON strings $headerEncoded = base64_encode(json_encode($header)); $payloadEncoded = base64_encode(json_encode($payload)); // Concatenate the header, payload, and secret to create the signature $signature = hash_hmac('sha384', &quot;$headerEncoded.$payloadEncoded&quot;, $privateKey, true); // Encode the signature as a base64 string $signatureEncoded = base64_encode($signature); // Concatenate the header, payload, and signature to create the JWT $jwt = &quot;$headerEncoded.$payloadEncoded.$signatureEncoded&quot;; echo $jwt;</pre> <p>我确实得到了 jwt 签名，但在 https://jwt.io/ 上它显示未经验证。</p>

openssl_sign($data, $signature, $privateKey, OPENSSL_ALGO_SHA384);

$privateKey =  "------BEGIN PRIVATE KEY------\n".
"MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC7VJTUt9Us8cKj\n".
"MzEfYyjiWA4R4/M2bS1GB4t7NXp98C3SC6dVMvDuictGeurT8jNbvJZHtCSuYEvu\n".
.
.
.
"TQrKhArgLXX4v3CddjfTRJkFWDbE/CkvKZNOrcf1nhaGCPspRJj2KUkj1Fhl9Cnc\n".
"dn/RsYEONbwQSjIfMPkvxF+8HQ==\n".
"------END PRIVATE KEY------";