jwt

Java Implementation of JSON Web Tokens

License

License

The MIT License (MIT)
Categories

Categories

Net
GroupId

GroupId

net.tokensmith
ArtifactId

ArtifactId

jwt
Last Version

Last Version

1.3.4
Release Date

Release Date

Type

Type

jar
Description

Description

jwt
Java Implementation of JSON Web Tokens
Project URL

Project URL

https://github.com/TokenSmith/jwt
Source Code Management

Source Code Management

https://github.com/TokenSmith/jwt

Download jwt

How to add to project

<!-- https://jarcasting.com/artifacts/net.tokensmith/jwt/ -->
<dependency>
    <groupId>net.tokensmith</groupId>
    <artifactId>jwt</artifactId>
    <version>1.3.4</version>
</dependency>
// https://jarcasting.com/artifacts/net.tokensmith/jwt/
implementation 'net.tokensmith:jwt:1.3.4'
// https://jarcasting.com/artifacts/net.tokensmith/jwt/
implementation ("net.tokensmith:jwt:1.3.4")
'net.tokensmith:jwt:jar:1.3.4'
<dependency org="net.tokensmith" name="jwt" rev="1.3.4">
  <artifact name="jwt" type="jar" />
</dependency>
@Grapes(
@Grab(group='net.tokensmith', module='jwt', version='1.3.4')
)
libraryDependencies += "net.tokensmith" % "jwt" % "1.3.4"
[net.tokensmith/jwt "1.3.4"]

Dependencies

compile (1)

Group / Artifact Type Version
org.slf4j : slf4j-api jar 1.7.25

runtime (4)

Group / Artifact Type Version
com.fasterxml.jackson.core : jackson-core jar 2.11.0
com.fasterxml.jackson.core : jackson-databind jar 2.11.0
com.fasterxml.jackson.datatype : jackson-datatype-jdk8 jar 2.11.0
com.fasterxml.jackson.datatype : jackson-datatype-jsr310 jar 2.11.0

Project Modules

There are no modules declared in this project.

JSON Web Tokens

Build Status

Documentation

More documentation is available here.

Quick Start

This is a Java implementation of JWT, JWS, and JWE.

Unsecured JWT

UnsecureCompactBuilder compactBuilder = new UnsecureCompactBuilder();

Claim claim = new Claim();
claim.setUriIsRoot(true);

ByteArrayOutputStream encodedJwt = compactBuilder
    .claims(claim)
    .build();

Read a compact JWT

JwtAppFactory appFactory = new JwtAppFactory();

String jwt = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZX0.TeZ3DKSE-gplbaoA8CK_RMojt8CfA1MTYaM_ZuOeGNw";
JwtSerde jwtSerde = appFactory.jwtSerde();

JsonWebToken<Claim> jsonWebToken;
try {
    jsonWebToken = jwtSerde.stringToJwt(jwt, Claim.class);
} catch (InvalidJWT | JsonToJwtException e) {
    // may not have been a jwt
    // may not have been able to deserialize the header or claims.
    throw e;
}

// Can access claims in, jsonWebToken.

JWS Compact Serialization

Asymmetric key

Create

SecureCompactBuilder compactBuilder = new SecureCompactBuilder();

KeyGenerator keyGenerator = jwtAppFactory.keyGenerator();
SymmetricKey key = keyGenerator.symmetricKey(Optional.of(""test-key-id""), Use.SIGNATURE);

Claim claim = new Claim();
claim.setUriIsRoot(true);

ByteArrayOutputStream actual = compactBuilder.alg(Algorithm.RS256)
        .key(key)
        .claims(claim)
        .build();

Verify Signature

RSAPublicKey publicKey = new RSAPublicKey(
    Optional.of("test-key-id"),
    Use.SIGNATURE,
    new BigInteger("20446702916744654562596343388758805860065209639960173505037453331270270518732245089773723012043203236097095623402044690115755377345254696448759605707788965848889501746836211206270643833663949992536246985362693736387185145424787922241585721992924045675229348655595626434390043002821512765630397723028023792577935108185822753692574221566930937805031155820097146819964920270008811327036286786392793593121762425048860211859763441770446703722015857250621107855398693133264081150697423188751482418465308470313958250757758547155699749157985955379381294962058862159085915015369381046959790476428631998204940879604226680285601"),
    new BigInteger("65537")
);

JwtAppFactory appFactory = new JwtAppFactory();
VerifySignature verifySignature;

try {
    verifySignature = appFactory.verifySignature(Algorithm.RS256, publicKey);
} catch (SignatureException e) {
    throw e;
}

boolean isSignatureValid = verifySignature.run(jsonWebToken);

Symmetric key

Create

SecureCompactBuilder compactBuilder = new SecureCompactBuilder();

SymmetricKey key = Factory.makeSymmetricKey();
key.setKeyId(Optional.of("test-key-id"));

Claim claim = new Claim();
claim.setUriIsRoot(true);

ByteArrayOutputStream actual = compactBuilder.alg(Algorithm.HS256)
        .key(key)
        .claims(claim)
        .build();

Verify Signature

SymmetricKey key = new SymmetricKey(
    Optional.of("test-key-id"),
    "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow",
    Use.SIGNATURE
);

JwtAppFactory appFactory = new JwtAppFactory();
VerifySignature verifySignature = null;
try {
    verifySignature = appFactory.verifySignature(Algorithm.HS256, key);
} catch (SignatureException e) {
    throw e;
}

boolean isSignatureValid = verifySignature.run(jsonWebToken);

JWE Compact Serialization

Asymmetric key

Create

EncryptedCompactBuilder compactBuilder = new EncryptedCompactBuilder();

byte[] payload = "Help me, Obi-Wan Kenobi. You're my only hope.".getBytes();

RSAPublicKey publicKey = Factory.makeRSAPublicKeyForJWE();
publicKey.setKeyId(Optional.of(UUID.randomUUID().toString()));

ByteArrayOutputStream actual = compactBuilder.encAlg(EncryptionAlgorithm.AES_GCM_256)
        .alg(Algorithm.RSAES_OAEP)
        .payload(payload)
        .rsa(publicKey)
        .build();

Symmetric key

Create

EncryptedCompactBuilder compactBuilder = new EncryptedCompactBuilder();

SymmetricKey key = Factory.makeSymmetricKeyForJWE();

byte[] payload = "Help me, Obi-Wan Kenobi. You're my only hope.".getBytes();

ByteArrayOutputStream actual = compactBuilder.encAlg(EncryptionAlgorithm.AES_GCM_256)
        .alg(Algorithm.DIRECT)
        .encAlg(EncryptionAlgorithm.AES_GCM_256)
        .payload(payload)
        .cek(key)
        .build();

Generate Key

Symmetric Key

JwtAppFactory jwtAppFactory = new JwtAppFactory();

KeyGenerator keyGenerator = jwtAppFactory.keyGenerator();
SymmetricKey key = keyGenerator.symmetricKey(Optional.of("123"), Use.SIGNATURE);

Asymmetric Key

JwtAppFactory jwtAppFactory = new JwtAppFactory();

KeyGenerator keyGenerator = jwtAppFactory.keyGenerator();
RSAKeyPair key = subject.rsaKeyPair(KeyGenerator.RSA_1024, Optional.of("123"), Use.SIGNATURE);
net.tokensmith
OAuth 2.0 and OIDC Identity Server

Versions

Version
1.3.4
1.3.3
1.3.2