我使用以下代码将证书转换为公钥并传递给 JwtConsumer:
jwt = "eU13VUDPQsLv2fvbCPEyeuQubditVOguIa2UWvaMhx2ES7cMlTL8F6IgplgpG_H7bXpduPnFUncn7zUYRXmvw_Bts8EfqICeGa5db6RGmofeA01OqowgCfxhWLwmU786riJIT0twMFe...............................BzR7DOvqsahbsx93yKqB_5Q";
// read public key from a file or config or something
String publicKeyPEM =
"-----BEGIN CERTIFICATE-----\n" +
"MIIFuDCCBKCgAwIBAgIQXQ/D2sE/XdZYvdViF83mMzANBgkqhkiG9w0BAQsFADB+\n" +
......................................................................................................... "saQRa7TBj6gAdlYwJVR+4hpLngANpwAG+bXHuEs+Ns/dE/s+b7aUb8/IJTWNtaaQ\n" +
"lMvr/4xtT6ZNCiaIM3uvIvzHqPxCn3sWa94FP9FIg3mbIia1ZbUx8NyMpETOjxaO\n" +
"X242VTjKf7mLCqibyn3kj93zZjgNa0AlbF/QdE9z4tQ58BwoDVlNK4mGv7Uq2nca\n" +
"2qTrgWcVVKyhKMnytiQ4LTs5O45R/YNbnEH7CA==\n" +
"-----END CERTIFICATE-----";
RsaKeyUtil rsaKeyUtil = new RsaKeyUtil();
PublicKey publicKey = rsaKeyUtil.fromPemEncoded(publicKeyPEM);
// create a JWT consumer
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireExpirationTime()
.setVerificationKey(publicKey)
.build();
// validate and decode the jwt
JwtClaims jwtDecoded = jwtConsumer.processToClaims(jwt);
但是,我在创建 PublicKey 实例时收到以下错误。
Starting Applicationjava.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
这可能是什么原因? 
JWT.IO 显示签名有效。
收到的证书为.cer 格式。
最佳答案
-----BEGIN CERTIFICATE----- 表示您拥有证书,而不是公钥。证书包含公钥
InputStream is = new ByteArrayInputStream(pemString.getBytes("UTF-8));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(is);
PublicKey publicKey= cert.getPublicKey();
关于java - 如何使用提供的 .cer 文件解码 JWT RS256 token ?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47028633/