苹果授权登录 jwt node 解码
const jwt_decode = require('jwt-decode')
const NodeRSA = require('node-rsa');
const axios = require('axios');
const jwt = require('jsonwebtoken');
let token = 'ios端返回的 identityToken'
async function getApplePublicKey(token) {
let res = await axios.request({
method: "GET",
url: "https://appleid.apple.com/auth/keys",
})
let decodedHeader = jwt_decode(token, { header: true });
let key = res.data.keys.filter(f => f.kid === decodedHeader.kid)[0]
const pubKey = new NodeRSA();
pubKey.importKey({ n: Buffer.from(key.n, 'base64'), e: Buffer.from(key.e, 'base64') }, 'components-public');
return pubKey.exportKey(['public']);
};
async function verifyIdToken(id_token) {
const applePublicKey = await getApplePublicKey(id_token);
const jwtClaims = jwt.verify(id_token, applePublicKey, { algorithms: 'RS256' });
return jwtClaims;
};
verifyIdToken(token).then(res => {
console.log(res)
})