場景

集合了<jjwt.version>0.11.5</jjwt.version>版本的 jwt

<dependency><groupId>io.jsonwebtoken</groupId><artifactId>jjwt-api</artifactId><version>${jjwt.version}</version></dependency><dependency><groupId>io.jsonwebtoken</groupId><artifactId>jjwt-impl</artifactId><version>${jjwt.version}</version><scope>runtime</scope></dependency><dependency><groupId>io.jsonwebtoken</groupId><artifactId>jjwt-jackson</artifactId> <!-- or jjwt-gson if Gson is preferred --><version>${jjwt.version}</version><scope>runtime</scope></dependency>

原 signWith 方法過時(shí)，更改后報(bào)錯(cuò)如下

主要錯(cuò)誤信息如下

The specified key byte array is 136 bits which is not secure enough for any JWT HMAC-SHA algorithm.

2022-05-11 16:44:38.748 ERROR 83332 --- [io-13921-exec-1] o.a.c.c.C.[.[.[.[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [/admin] threw exception [Request processing failed; nested exception is io.jsonwebtoken.security.WeakKeyException: The specified key byte array is 136 bits which is not secure enough for any JWT HMAC-SHA algorithm. The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with HMAC-SHA algorithms MUST have a size >= 256 bits (the key size must be greater than or equal to the hash output size). Consider using the io.jsonwebtoken.security.Keys#secretKeyFor(SignatureAlgorithm) method to create a key guaranteed to be secure enough for your preferred HMAC-SHA algorithm. See https://tools.ietf.org/html/rfc7518#section-3.2 for more information.] with root causeio.jsonwebtoken.security.WeakKeyException: The specified key byte array is 136 bits which is not secure enough for any JWT HMAC-SHA algorithm. The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with HMAC-SHA algorithms MUST have a size >= 256 bits (the key size must be greater than or equal to the hash output size). Consider using the io.jsonwebtoken.security.Keys#secretKeyFor(SignatureAlgorithm) method to create a key guaranteed to be secure enough for your preferred HMAC-SHA algorithm. See https://tools.ietf.org/html/rfc7518#section-3.2 for more information.at io.jsonwebtoken.security.Keys.hmacShaKeyFor(Keys.java:96) ~[jjwt-api-0.11.5.jar:0.11.5]at com.admin.utils.JwtTokenUtils.generateToken(JwtTokenUtils.java:42) ~[classes/:na]at com.admin.service.AdminUserService.adminLogin(AdminUserService.java:59) ~[classes/:na]at com.admin.service.AdminUserService$$FastClassBySpringCGLIB$$1.invoke(<generated>) ~[classes/:na]at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.3.19.jar:5.3.19]at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386) ~[spring-aop-5.3.19.jar:5.3.19]at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85) ~[spring-aop-5.3.19.jar:5.3.19]at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704) ~[spring-aop-5.3.19.jar:5.3.19]at com.admin.service.AdminUserService$$EnhancerBySpringCGLIB$$1.adminLogin(<generated>) ~[classes/:na]at com.admin.controller.UserController.adminLogin(UserController.java:26) ~[classes/:na]at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_332]at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_332]at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_332]at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_332]

解決

給下述代碼中的JWT_SECRET字段弄長點(diǎn)，大概 256 來個(gè)字符的時(shí)候就可以了

/*** 根據(jù)用戶信息生成token*/public String generateToken(String username) {Claims claims = Jwts.claims().setSubject(username);SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;SecretKey key = Keys.hmacShaKeyFor(JWT_SECRET.getBytes(StandardCharsets.UTF_8));return Jwts.builder().setClaims(claims).setExpiration(generateExpirationDate()).signWith(key, signatureAlgorithm).compact();}

總結(jié)

以上是生活随笔為你收集整理的The specified key byte array is 136 bits which is not secure enough for any JWT HMAC-SHA algorithm.的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。