How does one deal with JWT Token Validation from a Javascript client in a Servlet Filter w/o Spring?

horsephotostechnolog · September 19, 2017, 9:58am

This example is woefully under documented

From this page:

Where and how do I get/set the public/private key? When a accessToken is generated in my Javascript client and passed to me?
How do I secure a restful endpoint, and why doesn’t the generated war file just deal with this case automatically? i.e. passing around accessTokens, idTokens and all the other values that my javascript client generated.

String token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCJ9.AbIJTDMFc7yUa5MhvcP03nJPyCPzZtQcGEp-zWfOkEE";
RSAPublicKey publicKey = //Get the key instance
RSAPrivateKey privateKey = //Get the key instance.
try {
    Algorithm algorithm = Algorithm.RSA256(publicKey, privateKey);
    JWTVerifier verifier = JWT.require(algorithm)
        .withIssuer("auth0")
        .build(); //Reusable verifier instance
    DecodedJWT jwt = verifier.verify(token);
} catch (JWTVerificationException exception){
    //Invalid signature/claims
}

Topic		Replies	Views
Need help converting Javascript JWT parsing into Java using Auth0 libs JWT.io jwt , javascript , java , java-jwt-support-doc	1	3266	August 4, 2020
Verify JWT token received from auth0 JWT.io jwt , auth0	4	21860	January 12, 2020
Problem validating JWT with X509 cert/pubkey from /jwks JWT.io api , certificate , jwt-validation	12	23138	November 8, 2022
Non-spring java sdk and example to put in filters for authentication validation? Help	0	1657	March 6, 2022
How to verify jwt token using public key in java Help	1	5495	November 24, 2019

How does one deal with JWT Token Validation from a Javascript client in a Servlet Filter w/o Spring?

Related Topics