Skip to content

tokensmith/jwt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

191 Commits

gradle/wrapper

gradle/wrapper

 
 

src

src

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

build.gradle

build.gradle

 
 

gradlew

gradlew

 
 

gradlew.bat

gradlew.bat

 
 

print_surefire_reports.sh

print_surefire_reports.sh

 
 

settings.gradle

settings.gradle

 
 

Repository files navigation

JSON Web Tokens

Build Status

Documentation

More documentation is available here.

Quick Start

This is a Java implementation of JWT, JWS, and JWE.

Unsecured JWT

UnsecureCompactBuilder compactBuilder = new UnsecureCompactBuilder();

Claim claim = new Claim();
claim.setUriIsRoot(true);

ByteArrayOutputStream encodedJwt = compactBuilder
    .claims(claim)
    .build();

Read a compact JWT

JwtAppFactory appFactory = new JwtAppFactory();

String jwt = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZX0.TeZ3DKSE-gplbaoA8CK_RMojt8CfA1MTYaM_ZuOeGNw";
JwtSerde jwtSerde = appFactory.jwtSerde();

JsonWebToken<Claim> jsonWebToken;
try {
    jsonWebToken = jwtSerde.stringToJwt(jwt, Claim.class);
} catch (InvalidJWT | JsonToJwtException e) {
    // may not have been a jwt
    // may not have been able to deserialize the header or claims.
    throw e;
}

// Can access claims in, jsonWebToken.

JWS Compact Serialization

Asymmetric key

Create

SecureCompactBuilder compactBuilder = new SecureCompactBuilder();

KeyGenerator keyGenerator = jwtAppFactory.keyGenerator();
SymmetricKey key = keyGenerator.symmetricKey(Optional.of(""test-key-id""), Use.SIGNATURE);

Claim claim = new Claim();
claim.setUriIsRoot(true);

ByteArrayOutputStream actual = compactBuilder.alg(Algorithm.RS256)
        .key(key)
        .claims(claim)
        .build();

Verify Signature

RSAPublicKey publicKey = new RSAPublicKey(
    Optional.of("test-key-id"),
    Use.SIGNATURE,
    new BigInteger("20446702916744654562596343388758805860065209639960173505037453331270270518732245089773723012043203236097095623402044690115755377345254696448759605707788965848889501746836211206270643833663949992536246985362693736387185145424787922241585721992924045675229348655595626434390043002821512765630397723028023792577935108185822753692574221566930937805031155820097146819964920270008811327036286786392793593121762425048860211859763441770446703722015857250621107855398693133264081150697423188751482418465308470313958250757758547155699749157985955379381294962058862159085915015369381046959790476428631998204940879604226680285601"),
    new BigInteger("65537")
);

JwtAppFactory appFactory = new JwtAppFactory();
VerifySignature verifySignature;

try {
    verifySignature = appFactory.verifySignature(Algorithm.RS256, publicKey);
} catch (SignatureException e) {
    throw e;
}

boolean isSignatureValid = verifySignature.run(jsonWebToken);

Symmetric key

Create

SecureCompactBuilder compactBuilder = new SecureCompactBuilder();

SymmetricKey key = Factory.makeSymmetricKey();
key.setKeyId(Optional.of("test-key-id"));

Claim claim = new Claim();
claim.setUriIsRoot(true);

ByteArrayOutputStream actual = compactBuilder.alg(Algorithm.HS256)
        .key(key)
        .claims(claim)
        .build();

Verify Signature

SymmetricKey key = new SymmetricKey(
    Optional.of("test-key-id"),
    "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow",
    Use.SIGNATURE
);

JwtAppFactory appFactory = new JwtAppFactory();
VerifySignature verifySignature = null;
try {
    verifySignature = appFactory.verifySignature(Algorithm.HS256, key);
} catch (SignatureException e) {
    throw e;
}

boolean isSignatureValid = verifySignature.run(jsonWebToken);

JWE Compact Serialization

Asymmetric key

Create

EncryptedCompactBuilder compactBuilder = new EncryptedCompactBuilder();

byte[] payload = "Help me, Obi-Wan Kenobi. You're my only hope.".getBytes();

RSAPublicKey publicKey = Factory.makeRSAPublicKeyForJWE();
publicKey.setKeyId(Optional.of(UUID.randomUUID().toString()));

ByteArrayOutputStream actual = compactBuilder.encAlg(EncryptionAlgorithm.AES_GCM_256)
        .alg(Algorithm.RSAES_OAEP)
        .payload(payload)
        .rsa(publicKey)
        .build();

Symmetric key

Create

EncryptedCompactBuilder compactBuilder = new EncryptedCompactBuilder();

SymmetricKey key = Factory.makeSymmetricKeyForJWE();

byte[] payload = "Help me, Obi-Wan Kenobi. You're my only hope.".getBytes();

ByteArrayOutputStream actual = compactBuilder.encAlg(EncryptionAlgorithm.AES_GCM_256)
        .alg(Algorithm.DIRECT)
        .encAlg(EncryptionAlgorithm.AES_GCM_256)
        .payload(payload)
        .cek(key)
        .build();

Generate Key

Symmetric Key

JwtAppFactory jwtAppFactory = new JwtAppFactory();

KeyGenerator keyGenerator = jwtAppFactory.keyGenerator();
SymmetricKey key = keyGenerator.symmetricKey(Optional.of("123"), Use.SIGNATURE);

Asymmetric Key

JwtAppFactory jwtAppFactory = new JwtAppFactory();

KeyGenerator keyGenerator = jwtAppFactory.keyGenerator();
RSAKeyPair key = subject.rsaKeyPair(KeyGenerator.RSA_1024, Optional.of("123"), Use.SIGNATURE);

About

JSON Web Token (JWT)

Topics

jwt jwk jwe jws java-12

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

4 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases 7

1.3.4 Latest
Aug 1, 2020
+ 6 releases

Packages

No packages published

Languages