Getting error while trying to verify JWE (JWT with EC encrypted)
Doest auth0 support JWE ?
I am using com.auth0:java-jwt version 3.14.0
JWE header details
{
“typ”: “JWT”,
“alg”: “ECDH-ES+A256KW”,
“enc”: “A128CBC-HS256”,
“key”: “”,
“epk”: {
“kty”: “EC”,
“x”: “jrhYY29pTlx4C-wbFFlvDywq8zq2aqmkdEO4mR111Ag”,
“y”: “LkK3YxUcIDr7aBhluEoq2eYZFlzhJyjvjgyHTJ_21vY”,
“crv”: “P-256”
}
}
Passing both public and private key
// code snippet
byte[] publicKeyData = Base64.getDecoder().decode((this.publicKeyAsString.getBytes()));
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyData);
byte[] privateKeyData = Base64.getDecoder().decode((this.privateKeyAsString.getBytes()));
PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyData);
KeyFactory fact = KeyFactory.getInstance("EC");
ECPublicKey publicKey = (ECPublicKey) fact.generatePublic(publicKeySpec);
ECPrivateKey privateKey = (ECPrivateKey) fact.generatePrivate(privateKeySpec);
Algorithm algorithm = Algorithm.ECDSA256(publicKey, privateKey);
JWTVerifier verifier = JWT.require(algorithm).build();
DecodedJWT jwt = verifier.verify(token); //**Getting error in this line of code**
return jwt.getClaim("client_id").asString();
com.auth0.jwt.exceptions.JWTDecodeException: The token was expected to have 3 parts, but got 5.
at com.auth0.jwt.TokenUtils.splitToken(TokenUtils.java:21) ~[java-jwt-3.14.0.jar:3.14.0]
Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException:
Error has been observed at the following site(s):
|_ checkpoint ? org.springframework.cloud.gateway.filter.WeightCalculatorWebFilter [DefaultWebFilterChain]
|_ checkpoint ? org.springframework.boot.actuate.metrics.web.reactive.server.MetricsWebFilter [DefaultWebFilterChain]
|_ checkpoint ? HTTP GET “/ugp-api/v1/product?src=web” [ExceptionHandlingWebHandler]
Stack trace:
at com.auth0.jwt.TokenUtils.splitToken(TokenUtils.java:21) ~[java-jwt-3.14.0.jar:3.14.0]
at com.auth0.jwt.JWTDecoder.(JWTDecoder.java:36) ~[java-jwt-3.14.0.jar:3.14.0]
at com.auth0.jwt.JWTVerifier.verify(JWTVerifier.java:282) ~[java-jwt-3.14.0.jar:3.14.0]