what returns the Google public key Endpoint

↘锁芯ラ 提交于 2020-05-25 05:07:05

问题


I am working with OpenID Connect in my application, i got the JWT token correctly from Google and I need to validate it using Signature. To achieve this i need the public key, Google provide an URL which contains all its public certificate.

https://www.googleapis.com/oauth2/v3/certs

but it returns this :

{
 "keys": [
  {
   "kty": "RSA",
   "alg": "RS256",
   "use": "sig",
   "kid": "f86c80f329b3ac69232463382fc1644167211d23",
   "n": "wItpB2JpNKNgBM-xjgFbMGLYySu0SvaSA8Ag_MpqWrlWOvWvd3JQFrNKdw1nCGrGSczP6FdCRptogSEO51UB3n1h2quH-YW3NPGt0JGqXdRARJ1I1cOVq3dvrPaZhtDcEQCBAdqEmix_ngQM5vD1t8J22JO_v_JzJlTkzfYu5dPeSoXZymtgGeofdu38L1y-FlFqD09p6IP6Fxza22cv3ST3Dsw3eQ1yzGi5YuO0scTpds0jqPAslddclo22zapqB1_6qplwunpT3qAuObYR5Xn3gPseyQiwDtIk7MpEkb_AA_r4bpUGIh9-1SX3ev8urVZJ1Sg1Y_Rr-u7oQO9pdQ",
   "e": "AQAB"
  },

what does this mean ? where is the public key or the certificate here?

Thanks for your Help !


回答1:


This looks like a JSON Web Key Set containing a description for an RSA public signing key. Parameters e and n for such keys are in turn described in JSON Web Algorithms.




回答2:


In addition to Pieter's answer, you can find the PEM X.509 certificate representation of those RSA keys here: https://www.googleapis.com/oauth2/v1/certs



来源:https://stackoverflow.com/questions/31183318/what-returns-the-google-public-key-endpoint

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!