- edited description
Validating the token using x509 Certificate
Hi there,
Is there any way i can validate the token using the x509 certificate. I am not seeing any x509certificatekey selector if i have x509 certificate ready.
i am looking something similar to JWSKeySelector for the X509Certificate to pass and then validate.
below is the code snippet
String cert1= "vdW50cy5hY2Nlc3Njb250cm9sLndp";
X509Certificate cert = X509CertUtils.parse(new Base64(cert1).decode());
ConfigurableJWTProcessor jwtProcessor = new DefaultJWTProcessor();
JWSKeySelector keySelector = new JWSVerificationKeySelector(expectedJWSAlg, keySource);
jwtProcessor.setJWSKeySelector(keySelector);
JWTClaimsSet claimsSet = jwtProcessor.process(token3, ctx);
System.out.println("the claimset is....."+claimsSet.getIssuer());
thanks vinoj
Comments (8)
-
reporter -
reporter - edited description
-
reporter - edited description
-
- changed status to resolved
Extract the key, then use it create a singleton JWKSet, then create ImmutableJWKSet from it.
This may also help: http://www.connect2id.com/products/nimbus-jose-jwt/examples/parse-x509-certificate-extract-keys
-
reporter Thanks
Any example to create the singleton JWKSet. This is how i am doing but its not working as expected
String cert1= "vdW50cy5hY2Nlc3Njb250cm9sLndp"; X509Certificate cert = X509CertUtils.parse(new Base64(cert1).decode()); PublicKey pubKey = cert.getPublicKey(); JWKSet set1 = new JWKSet((JWK) pubKey); JWKSource keySource = new ImmutableJWKSet(set1); ConfigurableJWTProcessor jwtProcessor1 = new DefaultJWTProcessor(); JWSAlgorithm expectedJWSAlg1 = JWSAlgorithm.RS256; JWSKeySelector keySelector1 = new JWSVerificationKeySelector(expectedJWSAlg1, keySource); jwtProcessor1.setJWSKeySelector(keySelector1);
-
The std Java keys and the JWKs belong to different hierarchies, and cannot be cast to one another (but can be converted).
com.nimbusds.jose.jwk.JWK jwk = new com.nimbusds.jose.jwk.RSAKey.Builder((java.security.interfaces.RSAPublicKey)pubKey).build(); com.nimbusds.jose.jwk.JWKSet jwkSet = new JWKSet(jwk);
-
New examples: http://c2id.co/1x
-
reporter thanks:)
- Log in to comment