问题
As I understand it: to check the validity of a JWT created using an asymmetric public/private key encryption algorithm, you require the public key along with the JWT header, claim (aka payload) and signature. The JWT header and claim can be decoded freely but can't be verified without the public key to validate the signature with (which is based on the header & claim and created with the private key).
My question is, why not just bundle the public key into the claim payload of the token. That way anyone can check the validity of the token without necessarily needing to dig up the public key from a database or file store?
回答1:
How would you know that the public key delivered with JWT is authentic? For all you know, an attacker may have generated a key pair, signed the payload with the private key and included data, signature and public key in the JWT. This "thing" that you have now doesn't prove anything.
来源:https://stackoverflow.com/questions/38955830/why-not-have-the-public-key-in-jwt-payload-for-convenience