Asserting the presence of a custom claim in JWT

In this post on JJWT, I will explain, with an example, how to verify or assert the presence of a custom (user-created and added) claim in a JWT.

The JJWT framework provides a method through which
1) we can verify whether a custom claim exists in the JWT or not.
2) we can verify whether a custom claim’s value is equal to what we want.

The method exists in JwtParserBuilder and its signature is shown below

JwtParserBuilder require(String claimName, Object value)

Below is the complete main code for your reference

Main class

1  package defaultPackage;
2
3  import io.jsonwebtoken.Claims;
4  import io.jsonwebtoken.Header;
5  import io.jsonwebtoken.IncorrectClaimException;
6  import io.jsonwebtoken.Jwt;
7  import io.jsonwebtoken.JwtParser;
8  import io.jsonwebtoken.JwtParserBuilder;
9  import io.jsonwebtoken.Jwts;
10 import io.jsonwebtoken.MissingClaimException;
11
12 public class Example9 {
13     public static void main(String[] args) {
14         JwtParserBuilder jwtParserBuilder = Jwts.parser();
15         jwtParserBuilder = jwtParserBuilder.require("name", "Sumanth");
16         jwtParserBuilder = jwtParserBuilder.unsecured();
17         JwtParser jwtParser = jwtParserBuilder.build();
18         System.out.println("Parsing token 1");
19         Jwt<Header, Claims> jwt = jwtParser.parseUnsecuredClaims("eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNjYxNjU5OTU1LCJuYW1lIjoiU3VtYW50aCJ9.");
20         System.out.println(jwt.getHeader());
21         System.out.println(jwt.getPayload());
22
23         jwtParserBuilder = Jwts.parser();
24         jwtParserBuilder = jwtParserBuilder.unsecured();
25         jwtParserBuilder = jwtParserBuilder.require("name", "Sumanth1");
26         jwtParser = jwtParserBuilder.build();
27         try {
28             System.out.println("Parsing token 2");
29             jwt = jwtParser.parseUnsecuredClaims("eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNjYxNjU5OTU1LCJuYW1lIjoiU3VtYW50aCJ9.");
30         } catch (IncorrectClaimException exception) {
31             exception.printStackTrace();
32         }
33
34         jwtParserBuilder = Jwts.parser();
35         jwtParserBuilder = jwtParserBuilder.unsecured();
36         jwtParserBuilder = jwtParserBuilder.require("name1", "Sumanth");
37         jwtParser = jwtParserBuilder.build();
38         try {
39             System.out.println("Parsing token 3");
40             jwt = jwtParser.parseUnsecuredClaims("eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNjYxNjU5OTU1LCJuYW1lIjoiU3VtYW50aCJ9.");
41         } catch (MissingClaimException exception) {
42             exception.printStackTrace();
43         }
44     }
45 }

In the above code, at line 14, I create an instance of “JwtParserBuilder”.

At line 15, I tell the instance of “JwtParserBuilder” that whichever JWT it parses, it has to assert that the JWT contains a “name” claim and that its value matches “Sumanth”.

At line 19, we parse the first token, and it succeeds without any error because the JWT contains the “name” claim and its value matches the user-specified value.

We then create a new instance of the “JwtParser” class in lines 23 to 26.

At line 25, we tell the instance of “JwtParserBuilder” to verify whether a token contains a “name” claim with the value “Sumanth1”.

At line 29, we parse the second token using the new instance of “JwtParser”, and it fails because the token has the claim but the value does not match. It throws an “IncorrectClaimException”.

We then create another new instance of the “JwtParser” class in lines 34 to 37.

At line 36, we tell the instance of “JwtParserBuilder” to verify whether a token contains a “name1” claim with the value “Sumanth”.

At line 40, we parse the third token using the new instance of “JwtParser”, and it fails because the token doesn’t have the custom claim. It throws a “MissingClaimException”.

Below is the output

Output

Parsing token 1
{typ=JWT, alg=none}
{sub=1234567890, iat=1661659955, name=Sumanth}
Parsing token 2
io.jsonwebtoken.IncorrectClaimException: Expected name claim to be: Sumanth1, but was: Sumanth.
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.validateExpectedClaims(DefaultJwtParser.java:764)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:706)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:362)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:94)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.io.AbstractParser.parse(AbstractParser.java:36)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.io.AbstractParser.parse(AbstractParser.java:29)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.parseUnsecuredClaims(DefaultJwtParser.java:807)
at JJWTConcepts/defaultPackage.Example9.main(Example9.java:29)
Parsing token 3
io.jsonwebtoken.MissingClaimException: Missing 'name1' claim. Expected value: Sumanth
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.validateExpectedClaims(DefaultJwtParser.java:749)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:706)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:362)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:94)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.io.AbstractParser.parse(AbstractParser.java:36)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.io.AbstractParser.parse(AbstractParser.java:29)
at jjwt.impl@0.12.3/io.jsonwebtoken.impl.DefaultJwtParser.parseUnsecuredClaims(DefaultJwtParser.java:807)
at JJWTConcepts/defaultPackage.Example9.main(Example9.java:40)
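
The tokens parsed above are unsecured (alg=none) and the parser is built with unsecured(), so require() is checking a claim that anyone could have written. The following is an added example, not code from the original post, that pairs require() with signature verification so the claim assertion runs only on tokens whose signature is valid. It assumes JJWT 0.12.x with jjwt-impl and a JSON module on the classpath; the class name SignedRequireExample, the check helper and the runtime-generated keys are made up for illustration.

```java
package defaultPackage;

import javax.crypto.SecretKey;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.IncorrectClaimException;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MissingClaimException;

// Added example (hypothetical class name): require() combined with signature verification.
public class SignedRequireExample {
    // Parses a token and reports which check, if any, rejected it.
    static String check(JwtParser parser, String token) {
        try {
            Claims claims = parser.parseSignedClaims(token).getPayload();
            return "accepted: " + claims;
        } catch (MissingClaimException e) {
            return "rejected, claim missing: " + e.getMessage();
        } catch (IncorrectClaimException e) {
            return "rejected, claim value wrong: " + e.getMessage();
        } catch (JwtException e) {
            // Bad signature, unsecured (alg=none) token, malformed token, ...
            return "rejected before claim checks: " + e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) {
        SecretKey key = Jwts.SIG.HS256.key().build();      // constructed demo key
        SecretKey otherKey = Jwts.SIG.HS256.key().build(); // key the verifier does not trust

        // No unsecured() call: only tokens signed with 'key' reach the require() check.
        JwtParser parser = Jwts.parser().verifyWith(key).require("name", "Sumanth").build();

        String good = Jwts.builder().subject("1234567890").claim("name", "Sumanth").signWith(key).compact();
        String wrongValue = Jwts.builder().subject("1234567890").claim("name", "Sumanth1").signWith(key).compact();
        String noClaim = Jwts.builder().subject("1234567890").signWith(key).compact();
        String forged = Jwts.builder().subject("1234567890").claim("name", "Sumanth").signWith(otherKey).compact();
        String unsigned = Jwts.builder().subject("1234567890").claim("name", "Sumanth").compact();

        System.out.println(check(parser, good));       // accepted
        System.out.println(check(parser, wrongValue)); // IncorrectClaimException
        System.out.println(check(parser, noClaim));    // MissingClaimException
        System.out.println(check(parser, forged));     // signature does not verify
        System.out.println(check(parser, unsigned));   // alg=none is refused
    }
}
```

The last two tokens carry the expected “name” claim but are rejected on the signature, which is the behaviour to rely on when the claim feeds an authorization decision.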
