Provide an example of how to process and verify POST-as-GET JWS with payload set to empty string
Issue #191
new
During decoding POST-as-GET JWS sent from ACME client (RFC 8555 section 6.3) I have an error:
Exception in thread "main" org.jose4j.jwt.consumer.InvalidJwtException: Unable to parse what was expected to be the JWT Claim Set JSON: "" Additional details: [[16] Invalid JSON.]
at org.jose4j.jwt.JwtClaims.<init>(JwtClaims.java:56)
Do you have any advice how such message with empty paylod should be processed?
You’ll need to use plain old
JsonWebSignature
for that - https://bitbucket.org/b_c/jose4j/wiki/JWS Examples#markdown-header-signature-verification-using-jws has a simple example. But you could also use theVerificationKeyResolver
you are giving to theJwtConsumerBuilder
to get the key and set on the JWS.