Using Oauth 2.0 for Server to Server Applications

来源：互联网发布：泰州淘宝网店装修步骤编辑：程序博客网时间：2024/05/24 07:34

google官网关于Using Oauth 2.0 for Server to Server Applications的介绍。

首先构造JWT(a header,a claim set,and a signature)，然后通过JWT请求Token，以后就可以通过Token调用google api。Token生命周期为1个小时，过期后需要重新请求Token。

难点：根据header和claim set构造signature。

官网上虽然给出了计算步骤，但没有给出用于SHA256withRSA加密的secret key，这样无法验证自己计算出的signature是否正确！最坑的是网上也很难找到C++实现的SHA256withRSA！！

闲话少说，直接给出我是如何在C++下实现SHA256withRSA的。

这里面用到了国外的一个第三方库，https://www.example-code.com/cpp/jwt_rsa_create.asp，我下载的MInGW版.

首先在.pro文件中加入下面两行代码：

LIBS += -L"C:\jwt" -llibchilkat-9.5.0
INCLUDEPATH += $$quote(C:\jwt/include)

#include <CkPrivateKey.h>#include <CkJwt.h>#include <CkGlobal.h>//注册（免费试用30天……）bool Register(){   CkGlobal glob;   bool success = glob.UnlockBundle("Anything for 30-day trial");   if (success != true)       std::cout << glob.lastErrorText() << "\r\n";    return success;}void CreateJWT(){    Register();    CkPrivateKey privKey;    //Create service account,download .json secert key    const char *str = "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDSecDwk2uqokS5\nt/biJQnsj54RCvj2GR9s0213aZ68saxpSVqLGIxoAeaXEZJZ65MUI70ONRwFEF+i\nbN2cABp0smHvD5FYNmWC0zC22rMVgkVMeAKVfG4PkNzI/hDtv13wLmcAL07EoX9v\n+gP9qDdMFhhphqrajSyzFhKwBa5WcSSbJlclE9Wsr2PqA07KucLwzyB3kDjlpK20\npLouy6bkerqN4LnRgp7ZvQNZx++cHBSwWDC6UjOWZ0yS5HV6s24vMSdVuSRYbh/Y\nnaRtmowq4zzG16ldWS57PYDxOZ+F2BtcMmVvkcwyY8FNbWrVToXTWYV6OZAsutde\ns+C/SBR3AgMBAAECggEAHjOSV/MPdACs0+lt561g6y0AhXmJl+aq97au8n+ZY4Ir\nN0BrWaJAI3yCVhMTaQvAoxctvagpSSC8WFY+xm/NXAlsvB0DwiCsGEWtq89d+ywi\nPYLK/CBKurkStVSfoT3ggOJnrUMcjmKOIsdBY1iL9sME5b+JLKstStVUASYPih+X\nd/96Ul09iQ8duthFuNfIikj0aX16ZUWkEMFDHDqw0kCjPcGdm4fwqIouuBRDrAcv\nL2BmV2nxlvuLZZnuH7HlAlvIgvO+dPM74jZWxfD3owjlDZ8jyeDSBBFA98AzJsBl\npd97/XJBBmY5yM5Sn7g4NvLIjD562/89B7fbvpPXYQKBgQDu+jC0/x1rVowCm9JH\nFEN7bx5iC92VMaH6hWwkZpQglmHeIl/VhwpklDaHCLyyMpfWJCJ8kcWkMopl6Ac6\nBO+sCtbwlFCYqEkRkYWL7VwOLwQwloOtP2D1g/ZjE+p96lyPGirX6onsxW4LN8BY\nGHDpQxS5K6QTxpCChwmTIveTxQKBgQDhd9PsXGtdpIVp9pbvgkNH/qe9z0fSV4/k\nxeNv2Qu46cUVhZ0cjkQQceADYyW09xrAYjCKBeoRtLy2uYc3fukygmlhXaiI1olt\n89d/SQtFXHEs5WgXT9MYDpmggUPyDREm0deXL327sSUupu6j8PJNbFzEfk3cX1tp\nqzbJIl5/CwKBgBBPgS2JT/+4e3veGL8DMgvlrKQyfSAmsBCCNLxTR/7lZK6dl/7h\n5aKxvvr+bKqY62YRN01bQasQTAPij0O1fIo4fy0SYmHY8ovBa+T+AU9yhA2w6DHV\n5o87P4DJpjKL4V9fANeVyW4gl38qgfVBTcuN6Yct5Ff5MHnIL64cL9ulAoGAGXKx\n67qer6oTGNupO41DVMvsWOMdYyNY7WRcgFJKHWvdP8md6wwvqH+B3kABkIRXc6Fh\ngyKZwbfZmPIlzeC4J2hKxp+QlylHx64/A3HWINUHPR8DeaYb2FpFgrU0WwyYg/4p\nTDojAd1DqhlTVBOs9YomilMLLLVilvGpNFh5u/MCgYBtUHx/0ATEDuAEw7PLpKkX\nmSgOPSAVX/h7P5JYHQ6fvC15YfFb0DlJqhfPme/PL2cUB8gVYge/284GhxMISdJF\ndPcTqTQ7Jsb7VNJVwV53TEEpsJGoZIj7hotxF94oyopIIEUfPHDTojr0t0KlbvZp\nB6KP00xKU+BWUzz7NSU6hQ==\n-----END PRIVATE KEY-----";    bool success = privKey.LoadPem(str);    if (success != true) {        std::cout << privKey.lastErrorText() << "\r\n";        return;    }    CkJwt jwt;    const char *header = "{\"alg\": \"RS256\",\"typ\": \"JWT\"}";    const char *claimset = "{"                          "\"iss\": \"761326798069-r5mljlln1rd4lrbhg75efgigp36m78j5@developer.gserviceaccount.com\","                          "\"scope\": \"https://www.googleapis.com/auth/devstorage.full_control\","                          "\"aud\": \"https://www.googleapis.com/oauth2/v4/token\","                          "\"exp\": 1479988670,"                          "\"iat\": 1479985670"                          "}";    jwt.put_AutoCompact(true);    //  Create the JWT.    const char *token = jwt.createJwtPk(header,claimset,privKey);    std::cout << token << "\r\n";}

最后计算得到的JWT：

0 0