Hi, I am trying to verify the JWT token. My provider is Azure AD.
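    import com.auth0.jwk.Jwk;
    import com.auth0.jwk.JwkException;
    import com.auth0.jwk.JwkProvider;
    import com.auth0.jwk.UrlJwkProvider;
    import com.auth0.jwt.JWT;
    import com.auth0.jwt.JWTVerifier;
    import com.auth0.jwt.algorithms.Algorithm;
    import com.auth0.jwt.exceptions.JWTVerificationException;
    import com.auth0.jwt.interfaces.DecodedJWT;
    import java.net.MalformedURLException;
    import java.net.URL;
    import java.security.interfaces.RSAPublicKey;

    private boolean verifyJWT(String azureDiscoveryKeys, String issuer, String token) {
        try {
            // Decode without verifying, only to read the key id (kid) from the header.
            DecodedJWT jwt = JWT.decode(token);
            JwkProvider provider = new UrlJwkProvider(new URL(azureDiscoveryKeys));
            Jwk jwk = provider.get(jwt.getKeyId());
            RSAPublicKey publicKey = (RSAPublicKey) jwk.getPublicKey();
            // Verify-only algorithm: the private key is not needed.
            Algorithm alg = Algorithm.RSA256(publicKey, null);
            JWTVerifier verifier = JWT.require(alg).withIssuer(issuer).build();
            verifier.verify(token);
            return true;
        } catch (JWTVerificationException | JwkException | NullPointerException | MalformedURLException ex) {
            log.error(ex.getMessage());
            return false;
        }
    }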
It throws the following error when trying to verify the token:
    com.auth0.jwt.exceptions.SignatureVerificationException: The Token's Signature resulted invalid when verified using the Algorithm: SHA256withRSA
        at com.auth0.jwt.algorithms.RSAAlgorithm.verify(RSAAlgorithm.java:50)
        at com.auth0.jwt.JWTVerifier.verify(JWTVerifier.java:299)
        at com.auth0.jwt.JWTVerifier.verify(JWTVerifier.java:283)
How do I use the Auth0 library to verify a token using SHA256withRSA?
Thanks,
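
Added example, not part of the original post and not Auth0's own code: a self-contained RS256 round trip using the same java-jwt calls as the post. It shows that `SignatureVerificationException` is what the library raises when the supplied public key is not the one paired with the key that signed the token. The class name, issuer and key id are constructed for illustration, and both key pairs are generated locally.

```java
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.SignatureVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

public class Rs256VerifyDemo {
    // Constructed sample values, not taken from any real tenant.
    static final String ISSUER = "https://issuer.example/";
    static final String KEY_ID = "demo-key-1";

    static KeyPair newRsaKeyPair() throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        return gen.generateKeyPair();
    }

    // True only if the signature validates under publicKey and the iss claim matches.
    static boolean verifies(String token, RSAPublicKey publicKey) {
        try {
            Algorithm alg = Algorithm.RSA256(publicKey, null); // verify-only, as in the post
            DecodedJWT jwt = JWT.require(alg).withIssuer(ISSUER).build().verify(token);
            return KEY_ID.equals(jwt.getKeyId());
        } catch (SignatureVerificationException ex) {
            // Same exception type as in the post's stack trace.
            System.out.println("signature mismatch: " + ex.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPair signer = newRsaKeyPair();
        KeyPair other = newRsaKeyPair();

        // Sign with the signer's private key and tag the header with a kid.
        Algorithm signAlg = Algorithm.RSA256(
                (RSAPublicKey) signer.getPublic(), (RSAPrivateKey) signer.getPrivate());
        String token = JWT.create().withIssuer(ISSUER).withKeyId(KEY_ID).sign(signAlg);

        System.out.println("matching key:  " + verifies(token, (RSAPublicKey) signer.getPublic()));
        System.out.println("different key: " + verifies(token, (RSAPublicKey) other.getPublic()));
    }
}
```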