JWT 中的 aud 字段是什么意思

JWT 中的 aud 字段是什么意思网上给出的解释都是 [接收 jwt 的一方] ，那具体怎么理解那？

wei745359223

2018-12-14 11:18:26 +08:00

应该就是申请这个 token 的 client 信息比如 IP 啥的？

reus

2018-12-14 11:30:52 +08:00

audience
用户 id 应该放这里的。

jimzhong

2018-12-14 11:56:45 +08:00

audience, 接受 JWT 的一方。接受方须检查该字段以避免一些攻击。

https://tools.ietf.org/html/rfc7519#section-4.1.3

xomix

2018-12-14 11:57:57 +08:00

// Audience(s) that this ID Token is intended for. It MUST contain the OAuth 2.0
// client_id of the Relying Party as an audience value. It MAY also contain identifiers
// for other audiences. In the general case, the aud value is an array of case sensitive
// strings. In the common special case when there is one audience, the aud value
// MAY be a single case sensitive string.

客户端信息

Vegetable

2018-12-14 12:02:53 +08:00

The "aud" (audience) claim identifies the recipients that the JWT is
intended for. Each principal intended to process the JWT MUST
identify itself with a value in the audience claim. If the principal
processing the claim does not identify itself with a value in the
"aud" claim when this claim is present, then the JWT MUST be
rejected. In the general case, the "aud" value is an array of case-
sensitive strings, each containing a StringOrURI value. In the
special case when the JWT has one audience, the "aud" value MAY be a
single case-sensitive string containing a StringOrURI value. The
interpretation of audience values is generally application specific.
Use of this claim is OPTIONAL.

这是一个专为移动设备优化的页面（即为了让你能够在 Google 搜索结果里秒开这个页面），如果你希望参与 V2EX 社区的讨论，你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/517455

V2EX 是创意工作者们的社区，是一个分享自己正在做的有趣事物、交流想法，可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.