拿到JWTtoken可以先到https://jwt.io进行解析,只要输入jwttoken即可看到解析结果,便于编码时获取自己需要的结果。
func Getnssa(jwttoken string) (ns, sa string) {
//SecretKey是自己定义的一个常量
claims, err := ParseToken(jwttoken, []byte(SecretKey))
claim := claims.(jwt.MapClaims)
var namespace interface{}
var serviceaccount interface{}
for key, val := range claim {
switch key {
case "kubernetes.io/serviceaccount/namespace":
namespace = val
case "kubernetes.io/serviceaccount/secret.name":
secretname = val
case "kubernetes.io/serviceaccount/service-account.name":
serviceaccount = val
case "kubernetes.io/serviceaccount/service-account.uid":
serviceaccountuid = val
case "sub":
nssa = val
}
}
return namespace.(string), serviceaccount.(string)
}
func ParseToken(tokenSrt string, SecretKey []byte) (claims jwt.Claims, err error) {
var token *jwt.Token
token, err = jwt.Parse(tokenSrt, func(*jwt.Token) (interface{}, error) {
return SecretKey, nil
})
claims = token.Claims
return
}