mattjtodd/JJWT-JWS-Example.java

## JJWT-JWS-Example.java
package uk.co.blackcat;

import com.google.common.hash.Hashing;
import io.jsonwebtoken.*;
import io.jsonwebtoken.lang.Maps;
import io.jsonwebtoken.security.Keys;

import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.util.Map;

public class HttpTest {

    public static void main(String[] args) throws Exception {
        signJwt();
    }

    private static void signJwt() throws NoSuchAlgorithmException, InvalidKeySpecException {
        // This represents the JWK set which should be made available to clients via HTTPS
        // https://tools.ietf.org/html/rfc7517
        KeyPair keyPair = Keys.keyPairFor(SignatureAlgorithm.RS256);
        String jwkId = Hashing.sha256().hashBytes(keyPair.getPublic().getEncoded()).toString();

        // Create and sign our Boris
        String jws = Jwts.builder()
                .setHeaderParam(JwsHeader.KEY_ID, jwkId)
                .setHeaderParam(JwsHeader.JWK_SET_URL, "The url for the JWK Set")
                .setSubject("Boris")
                .claim("status", "World King")
                .signWith(keyPair.getPrivate())
                .compact();

        SigningKeyResolver signingKeyResolver = getSigningKeyResolver(jwkId, keyPair.getPublic());

        // verify the message signature header using the public key.
        Jws<Claims> claimsJws = Jwts.parserBuilder()
                .setSigningKeyResolver(signingKeyResolver)
                .build()
                .parseClaimsJws(jws);

        System.out.println(claimsJws.getHeader());
        System.out.println(claimsJws.getBody());
    }

    private static SigningKeyResolver getSigningKeyResolver(String jwkId, PublicKey publicKey) {
        return new SigningKeyResolver() {
                Map<String, PublicKey> jwkSet = Maps.of(jwkId, publicKey).build();

                @Override
                public Key resolveSigningKey(JwsHeader jwsHeader, Claims claims) {
                    return jwkSet.get(jwsHeader.getKeyId());
                }

                @Override
                public Key resolveSigningKey(JwsHeader jwsHeader, String s) {
                    return jwkSet.get(jwsHeader.getKeyId());
                }
            };
    }
}
	package uk.co.blackcat;

	import com.google.common.hash.Hashing;
	import io.jsonwebtoken.*;
	import io.jsonwebtoken.lang.Maps;
	import io.jsonwebtoken.security.Keys;

	import java.security.*;
	import java.security.spec.InvalidKeySpecException;
	import java.util.Map;

	public class HttpTest {

	public static void main(String[] args) throws Exception {
	signJwt();
	}

	private static void signJwt() throws NoSuchAlgorithmException, InvalidKeySpecException {
	// This represents the JWK set which should be made available to clients via HTTPS
	// https://tools.ietf.org/html/rfc7517
	KeyPair keyPair = Keys.keyPairFor(SignatureAlgorithm.RS256);
	String jwkId = Hashing.sha256().hashBytes(keyPair.getPublic().getEncoded()).toString();

	// Create and sign our Boris
	String jws = Jwts.builder()
	.setHeaderParam(JwsHeader.KEY_ID, jwkId)
	.setHeaderParam(JwsHeader.JWK_SET_URL, "The url for the JWK Set")
	.setSubject("Boris")
	.claim("status", "World King")
	.signWith(keyPair.getPrivate())
	.compact();

	SigningKeyResolver signingKeyResolver = getSigningKeyResolver(jwkId, keyPair.getPublic());

	// verify the message signature header using the public key.
	Jws<Claims> claimsJws = Jwts.parserBuilder()
	.setSigningKeyResolver(signingKeyResolver)
	.build()
	.parseClaimsJws(jws);

	System.out.println(claimsJws.getHeader());
	System.out.println(claimsJws.getBody());
	}

	private static SigningKeyResolver getSigningKeyResolver(String jwkId, PublicKey publicKey) {
	return new SigningKeyResolver() {
	Map<String, PublicKey> jwkSet = Maps.of(jwkId, publicKey).build();

	@Override
	public Key resolveSigningKey(JwsHeader jwsHeader, Claims claims) {
	return jwkSet.get(jwsHeader.getKeyId());
	}

	@Override
	public Key resolveSigningKey(JwsHeader jwsHeader, String s) {
	return jwkSet.get(jwsHeader.getKeyId());
	}
	};
	}
	}