java jwk verify id token signature

อันนี้ขอไม่อธิบายอะไรเลย ขี้เกียจ ใครเข้ามาพบ แล้วมีคำถามก็ พิมถามไว้แล้วกัน

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSVerifier;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.SignedJWT;

import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;

/**
 * Created by Panupong_Kon on 11/7/2016.
 */

public class Main {
    public static void main(String [] args) throws JOSEException, URISyntaxException, IOException, ParseException {
        ClassLoader classLoader = new Main().getClass().getClassLoader();
        String jwkFile = "trueid.jwk";

        JWKSet jwkSet = JWKSet.load(new File(classLoader.getResource(jwkFile).getFile()));
        //JWKSet jwkSet = JWKSet.load(new URL("https://c2id.com/jwk-set.json"));
        RSAKey jwk = (RSAKey) jwkSet.getKeyByKeyId("c4ca4238a0b923820dcc509a6f75849b");

        RSAPublicKey publicKey = jwk.toRSAPublicKey();

        String idToken = "eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOlwvXC9jb3JlLWF1dGgudHJ1ZWlkLmFscGhhXC90cnVlaWQuandrIiwia2lkIjoiYzRjYTQyMzhhMGI5MjM4MjBkY2M1MDlhNmY3NTg0OWIifQ.eyJpc3MiOiJodHRwczpcL1wvY29yZS1hdXRoLnRydWVpZC5hbHBoYVwvIiwic3ViIjoia29uZ2FybkBnbWFpbC5jb20iLCJhdWQiOlsiMjEyIl0sImV4cCI6MTQ3ODYzMTY4NSwiaWF0IjoxNDc4NTk1Njg1LCJhdXRoX3RpbWUiOjE0Nzg1OTU2ODV9.xgpPtTxmIdWnD2nZD2sAaj7msKzfNcF2NPrTkyo_S3asyPy0xxxunC9Mce5VVbyyptHtsSTAA_ctqJ8Igf6VS1ju65OwfdCoyK_RijN5L-Vyeycpda3KhlTwc_3uVjyCp_9Gp6uSGZ8dTdeqARWG2NtdQ0THMi_LbBpFvGJktlkdxnT2gU36Mu2nIqhb0qxB1yUeoOKqCdhxRni1qXp-u023XyKJIkaG05D4Fj-ff-0i1Qoy6Jd0dqq1xXSLnOsUOesPmdFvdMXcRchmSq9zMAhVKBkdau-qgljG3UmVn45OLsNUM_MhtKySG0EqymSd8aBMkdj3jE_GVmSt14Jhbw";
        SignedJWT cSignedJWT = null;
        try {
            cSignedJWT = SignedJWT.parse(idToken);
        } catch (ParseException e) {
            e.printStackTrace();
        }

        JWSVerifier verifier = new RSASSAVerifier(publicKey);

        System.out.println("=== Verified signature ===");
        System.out.println("jwk pub = " + jwkFile);
        System.out.print("status = ");
        System.out.println(cSignedJWT.verify(verifier));

        System.out.println("=== Header ===");
        System.out.println("kid = " + cSignedJWT.getHeader().getKeyID());
        System.out.println("alg = "+cSignedJWT.getHeader().getAlgorithm().getName());
        System.out.println("jku = "+cSignedJWT.getHeader().getJWKURL().toString());

        System.out.println("=== Payload ClaimsSet ===");
        System.out.println("iss = "+cSignedJWT.getJWTClaimsSet().getIssuer());
        System.out.println("sub = "+cSignedJWT.getJWTClaimsSet().getSubject());
        System.out.println("aud = "+cSignedJWT.getJWTClaimsSet().getAudience());
        System.out.println("exp = "+cSignedJWT.getJWTClaimsSet().getExpirationTime());

    }
}

Related posts:

This entry was posted in java, json web token (jwt). Bookmark the permalink.