how to use x5t to validate a token
Issue #83
wontfix
Hi, i am getting below JOSE header. i also have the certificate (public key) which i would use to verify the signature. but i am clueless as to how i connect everything together. how x5t and how kid will help me to load the correct certificate and how i will validate a token. please help me with an example code.
{"typ":"JWT","alg":"RS256","x5t":"F_68wGhADOBn-A6pv3453xMeAwk","kid":"F_68wGhADOBn-A6pv3453xMeAwk"}
Comments (4)
-
repo owner
-
Thanks Brian. that worked. thanks again.
further to this, i want to assert few custom claims. how can i add my custom claims in the JWSConsumer to assert? please help !!
-
repo owner
Implement a org.jose4j.jwt.consumer.Validator and register it with the JwtConsumerBuilder.
https://bitbucket.org/b_c/jose4j/src/d6b5633f0f1d932ecf3e009953b82cd9ecef9ea2/src/main/java/org/jose4j/jwt/consumer/AudValidator.java?at=master&fileviewer=file-view-default is an example of the Validator interface implementation.
-
repo owner
- changed status to wontfix
closing out this one (mark as wontfix actually) as I've answered the questions as best I could and there hasn't been any more activity on it
- Log in to comment
x5t is a hash of the certificate corresponding to the key used to digitally sign the JWS/JWT. It tells the receiver about what certificate/key to use to verify the signature.
Take a look at https://bitbucket.org/b_c/jose4j/wiki/JWT%20Examples which shows some general JWT validation. There's a section on using certs and x5t about half way down https://bitbucket.org/b_c/jose4j/wiki/JWT%20Examples#markdown-header-x509