JWT Token由以下三部分组成:
-
json { "alg": "HS256", "typ": "JWT" }
-
json { "sub": "1234567890", "name": "John Doe", "iat": 1516239022 } -
VERIFY SIGNATURE
json HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), your-256-bit-secret )
json
{
"alg": "HS256",
"typ": "JWT"
}
json
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
VERIFY SIGNATURE
json
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
your-256-bit-secret
)