Created
March 7, 2016 16:10
-
-
Save thomasdarimont/23a80208c1ef529169be to your computer and use it in GitHub Desktop.
Validate Parse JWT Token with jjwt example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package de.jugsaar.examples.jwt; | |
import io.jsonwebtoken.Claims; | |
import io.jsonwebtoken.Jws; | |
import io.jsonwebtoken.Jwts; | |
import java.io.IOException; | |
import java.security.KeyFactory; | |
import java.security.NoSuchAlgorithmException; | |
import java.security.NoSuchProviderException; | |
import java.security.PublicKey; | |
import java.security.spec.InvalidKeySpecException; | |
import java.security.spec.X509EncodedKeySpec; | |
import java.util.Base64; | |
/** | |
* Created by tom on 07.03.16. | |
*/ | |
public class JwtParsingExample { | |
public static void main(String[] args) throws Exception { | |
String realmPublicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8/XJRIbEW/DW30YxcnjNPFgZjhtsjcatetMP9xxyXDBPQA+jh9xAM4bf1v3QJOJalNuNpHat9k3e9Aa1M+qB1zq8blAZtsSF8jM7okuMHyeU6YXw7rY+d4t1Xigbt9LTaPfb5qCZvMShfjgeSb2DgZRbRlKfh9cVUZ8e7XUTm6UDlEvBI9mQiiwolPVyPCZDFNI8pb35NcXI4Kzh4S15BnAGpyKpiQJEmXX4wifYak8weJVoFuAu9fjjtdeacEqHFafyVZvEdKHTD+ofY9z6/JELdFRcI2N3a8rRa+JM2+CvrAIuOzLHGBZ1WwPKsHe6zhsxC1oODRvzVYOzOtvbQIDAQAB"; | |
String accessTokenString = "eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJmNDczMzVkNS05ZGEwLTRhZGEtYTk5Zi00ODA1YTU5ZGRiYTQiLCJleHAiOjE0NTczNjY5MDgsIm5iZiI6MCwiaWF0IjoxNDU3MzY2NjA4LCJpc3MiOiJodHRwOi8vbG9naW4uYWNtZS5sb2NhbDo4MDgxL2F1dGgvcmVhbG1zL2FjbWUiLCJhdWQiOiJ2YWFkaW4tYXBwIiwic3ViIjoiNjU5OTJmNzktNjM4Mi00ZDk4LTlhZjItOTBjZjVmNzZmZTkxIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoidmFhZGluLWFwcCIsInNlc3Npb25fc3RhdGUiOiIxMmVlOGUwZi1kMzgwLTQxZmEtODMxMS1jMmI0MjM2OGJmZjkiLCJjbGllbnRfc2Vzc2lvbiI6ImY3NTAzYmJkLWFkZTYtNDQ1Ny1iZTIxLTQ3NDRkMWJmMTc4NCIsImFsbG93ZWQtb3JpZ2lucyI6WyJodHRwOi8vbG9jYWxob3N0Ojc3NzciXSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjbWUtcGV0Y2xpbmljIjp7InJvbGVzIjpbImFkbWluIiwidXNlciJdfSwidmFhZGluLWFwcCI6eyJyb2xlcyI6WyJ1c2VyIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50Iiwidmlldy1wcm9maWxlIl19fSwibmFtZSI6IlRoZW8gVGVzdGVyIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidGhlbyIsImdpdmVuX25hbWUiOiJUaGVvIiwiZmFtaWx5X25hbWUiOiJUZXN0ZXIiLCJlbWFpbCI6InRvbSt0aGVvQGxvY2FsaG9zdCJ9.frMCkpDKG4VixXRZhh7KZqjDCxPbZq_6Wrl5X6RhjlGs9hL22Z6pcsVSlIzpincdwbLCpLYpLs3T2LRrlZ-YNUGOnKObnrmlVbMNi8UmGJiAj0bAsIPYWEfA-Ww3wuTitfjo0fgbAb8F_sLsPR9qjE6BcDPVXR2S_SJVWJ1CKb5kwiwKTTzAMUo1H22Ce64hoeSuEdQFM1x1n-M8kTkLPUPnL_lj-mOIpqbLZyrls3_TEL3up0-XYyF2Gt9fDQKXTp_XPLizGUiiY90TQC4rhNye3JPLMB6RZnQFmyJq5I5Cq0ybdMarloeLjvYjc3RyIgZgtFWjk5aNYDaietBJSA"; | |
PublicKey publicKey = decodePublicKey(pemToDer(realmPublicKey)); | |
Jws<Claims> claimsJws = Jwts.parser() // | |
.setSigningKey(publicKey) // | |
.parseClaimsJws(accessTokenString) // | |
; | |
System.out.println(claimsJws); | |
//gives: header={alg=RS256},body={jti=f47335d5-9da0-4ada-a99f-4805a59ddba4, exp=1457366908, nbf=0, iat=1457366608, iss=http://login.acme.local:8081/auth/realms/acme, aud=vaadin-app, sub=65992f79-6382-4d98-9af2-90cf5f76fe91, typ=Bearer, azp=vaadin-app, session_state=12ee8e0f-d380-41fa-8311-c2b42368bff9, client_session=f7503bbd-ade6-4457-be21-4744d1bf1784, allowed-origins=[http://localhost:7777], resource_access={acme-petclinic={roles=[admin, user]}, vaadin-app={roles=[user]}, account={roles=[manage-account, view-profile]}}, name=Theo Tester, preferred_username=theo, given_name=Theo, family_name=Tester, email=tom+theo@localhost},signature=frMCkpDKG4VixXRZhh7KZqjDCxPbZq_6Wrl5X6RhjlGs9hL22Z6pcsVSlIzpincdwbLCpLYpLs3T2LRrlZ-YNUGOnKObnrmlVbMNi8UmGJiAj0bAsIPYWEfA-Ww3wuTitfjo0fgbAb8F_sLsPR9qjE6BcDPVXR2S_SJVWJ1CKb5kwiwKTTzAMUo1H22Ce64hoeSuEdQFM1x1n-M8kTkLPUPnL_lj-mOIpqbLZyrls3_TEL3up0-XYyF2Gt9fDQKXTp_XPLizGUiiY90TQC4rhNye3JPLMB6RZnQFmyJq5I5Cq0ybdMarloeLjvYjc3RyIgZgtFWjk5aNYDaietBJSA | |
} | |
/** | |
* Decode a PEM string to DER format | |
* | |
* @param pem | |
* @return | |
* @throws java.io.IOException | |
*/ | |
public static byte[] pemToDer(String pem) throws IOException { | |
return Base64.getDecoder().decode(stripBeginEnd(pem)); | |
} | |
public static String stripBeginEnd(String pem) { | |
String stripped = pem.replaceAll("-----BEGIN (.*)-----", ""); | |
stripped = stripped.replaceAll("-----END (.*)----", ""); | |
stripped = stripped.replaceAll("\r\n", ""); | |
stripped = stripped.replaceAll("\n", ""); | |
return stripped.trim(); | |
} | |
public static PublicKey decodePublicKey(byte[] der) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException { | |
X509EncodedKeySpec spec = new X509EncodedKeySpec(der); | |
KeyFactory kf = KeyFactory.getInstance("RSA" | |
// , "BC" //use provider BouncyCastle if available. | |
); | |
return kf.generatePublic(spec); | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<project xmlns="http://maven.apache.org/POM/4.0.0" | |
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | |
<modelVersion>4.0.0</modelVersion> | |
<groupId>de.tdlabs</groupId> | |
<version>1.0-SNAPSHOT</version> | |
<artifactId>jwt-example</artifactId> | |
<dependencies> | |
<dependency> | |
<groupId>io.jsonwebtoken</groupId> | |
<artifactId>jjwt</artifactId> | |
<version>0.6.0</version> | |
</dependency> | |
</dependencies> | |
</project> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Do you have an example of creating RS256 JWT?