Hi,
I cannot find JWS JSON Serialization implemented (only JWS Compact Serialization)
Anyone interested in taking this task? If not - I can do this ;-)
Sewer.
You are the first person who is asking for the JSON serialisation :) Why do you need that, I'm curious?
At NimbusDS we only make use of the compact serialisation, to work with JWTs.
Feel free to have a go at that, and if you have any questions just let me know, I hope I would be able to help.
Vladimir
Support for JWE JSON serialization is necessary in order to support multiple recipients (see Section 7.2 and Appendix 4 of the v19 draft). Multiple recipients is a nice feature to have in certain settings.
I'd love to see this:
+1
In our use case we receive JSON encoded JWE from an external service (encoded with the Python JWCrypto lib). The payloads we receive have both a protected and per-recipient header, but I can't decrypt because combining the headers into a JWEHeader changes the calculated AAD which fails MAC validation during decryption, and if I use only the protected header decryption fails because required values aren't present (e.g. p2s and p2c for PBE).
Issue #241 was marked as a duplicate of this issue.
+1 There is a federated metadata-catalog that uses JSON-serialization that I'd like to parse, validate signature for: https://fedscim-poc.skolfederation.se/md/skolfederation-fedscim-0_1.json
At the very least it would be nice to have JWSObject do:
public static JWSObject parseJSONSerialization(String json) {
JsonNode root = mapper.readTree(json);
JsonNode payload = root.get("payload");
JsonNode signatures = root.get("signatures");
JsonNode signature = signatures.get(0);
String protectedString = signature.get("protected").asText();
String signaturePart = signature.get("signature").asText();
return JWSObject.parse(protectedString + "." + payload + "." + signaturePart);
}
At long last, this lib is going to get the JSON serialisation 
This is the PR. Review it now or forever hold your peace, as they say:
https://bitbucket.org/connect2id/nimbus-jose-jwt/pull-requests/85
If all is well it will be merged later next week.
We now have support for JWS JSON, currently in preview. The following article and examples explains the API and how to use it with multiple signatures:
https://connect2id.com/products/nimbus-jose-jwt/examples/jws-json-multiple-signatures
Hi
I’m new for JWT so maybe I am wrong.
https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/241/jwe-json-serialization-representation
issue 241 talks about JWE JSON Serialization problem (When use JWEObject, Protected Header contains both “enc“ and “alg“,
but check example in rfc7516 A.4.7 ,page46 , “enc“ and “alg“ are in different spot )
ps. I’m not sure if its allowed to put both “alg“ and “enc“ in protected.
And “issue 241” marks duplicate and link to here,
yet “issue 67” seems to talking about JWS JSON Serialization’s problem,
isn't these two are different things?
Hi, I would like to ask you if you are planning to add support for JWE JSON Serialization as well?
You had some concept of this functionality in 9.16-preview.1 version of library (e.g. JWEObjectJSON, JWEDecrypterMulti..) but it looks like this functionality didn’t make it into release version of library (or I’m missing something..).
Thanks
Hi Roman,
The JSON serialisation was started by a group of developers in the summer 2021 and appeared in the preview that you saw. I helped them polish the JWS JSON part so that it became production ready. There was nobody at the time to take care of the JWE JSON part completion, so all code related to it was removed in the next release, hopefully when better times will bring somebody along to complete it :)
JWS JSON ser has been completed.
Full support for JWE JSON serialisation is available from v9.32.
How to use JSON Web Encryption (JWE) to multiple recipients:
https://connect2id.com/products/nimbus-jose-jwt/examples/jwe-json-multiple-recipients
We now have support for JWS JSON, currently in preview. The following article and examples explains the API and how to use it with multiple signatures:
https://connect2id.com/products/nimbus-jose-jwt/examples/jws-json-multiple-signatures