In this post on JJWT, I will explain, with an example, how to verify (assert) the presence of a custom (user-created and user-added) claim in a JWT.
The JJWT framework provides a method through which
1) we can verify whether a custom claim exists in the JWT or not.
2) we can verify whether a custom claim’s value is equal to what we expect.
The method exists in JwtParserBuilder, and its signature is shown below.
JwtParserBuilder require(String claimName, Object value)
Below is the complete main code for your reference.
Main class
1  package defaultPackage;
2
3  import io.jsonwebtoken.Claims;
4  import io.jsonwebtoken.Header;
5  import io.jsonwebtoken.IncorrectClaimException;
6  import io.jsonwebtoken.Jwt;
7  import io.jsonwebtoken.JwtParser;
8  import io.jsonwebtoken.JwtParserBuilder;
9  import io.jsonwebtoken.Jwts;
10 import io.jsonwebtoken.MissingClaimException;
11
12 public class Example9 {
13     public static void main(String[] args) {
14         JwtParserBuilder jwtParserBuilder = Jwts.parserBuilder();
15         jwtParserBuilder = jwtParserBuilder.require("name", "Sumanth");
16         JwtParser jwtParser = jwtParserBuilder.build();
17         Jwt<Header, Claims> jwt = jwtParser.parseClaimsJwt("eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNjYxNjU5OTU1LCJuYW1lIjoiU3VtYW50aCJ9.");
18         System.out.println(jwt.getHeader());
19         System.out.println(jwt.getBody());
20
21         try {
22             jwtParserBuilder = jwtParserBuilder.require("name", "Sumanth1");
23             jwtParser = jwtParserBuilder.build();
24             jwt = jwtParser.parseClaimsJwt("eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNjYxNjU5OTU1LCJuYW1lIjoiU3VtYW50aCJ9.");
25         } catch (IncorrectClaimException exception) {
26             exception.printStackTrace();
27         }
28
29         try {
30             jwtParserBuilder = jwtParserBuilder.require("name", "Sumanth").require("name1", "Sumanth");
31             jwtParser = jwtParserBuilder.build();
32             jwt = jwtParser.parseClaimsJwt("eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNjYxNjU5OTU1LCJuYW1lIjoiU3VtYW50aCJ9.");
33         } catch (MissingClaimException exception) {
34             exception.printStackTrace();
35         }
36     }
37 }
In the above code, at line 14 I create an instance of “JwtParserBuilder”.
At line 15, I tell the “JwtParserBuilder” instance that whichever JWT it parses, it has to assert that the JWT contains a “name” claim and that its value matches “Sumanth”.
At line 17, we parse the first token, and it succeeds without any error because the JWT contains the “name” claim and its value matches the user-specified value.
At line 22, we tell the “JwtParserBuilder” instance to verify that a token contains a “name” claim with the value “Sumanth1”. Since the claim name is the same as the one at line 15, it overrides the previous assertion.
At line 24, we parse the second token, and it fails because the claim is present but its value does not match. It throws an “IncorrectClaimException”.
At line 30, we tell the “JwtParserBuilder” instance to verify that a token contains a “name1” claim with the value “Sumanth”.
At line 32, we parse the third token, and it fails because it doesn’t have the custom claim. It throws a “MissingClaimException”.
Below is the output
Output
{typ=JWT, alg=none}
{sub=1234567890, iat=1661659955, name=Sumanth}
io.jsonwebtoken.IncorrectClaimException: Expected name claim to be: Sumanth1, but was: Sumanth.
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.DefaultJwtParser.validateExpectedClaims(DefaultJwtParser.java:505)
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:452)
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:529)
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJwt(DefaultJwtParser.java:562)
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.ImmutableJwtParser.parseClaimsJwt(ImmutableJwtParser.java:163)
at JJWTConcepts/defaultPackage.Example9.main(Example9.java:24)
io.jsonwebtoken.MissingClaimException: Expected name1 claim to be: Sumanth, but was not present in the JWT claims.
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.DefaultJwtParser.validateExpectedClaims(DefaultJwtParser.java:498)
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:452)
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:529)
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJwt(DefaultJwtParser.java:562)
at jjwt.impl@0.11.5/io.jsonwebtoken.impl.ImmutableJwtParser.parseClaimsJwt(ImmutableJwtParser.java:163)
at JJWTConcepts/defaultPackage.Example9.main(Example9.java:32)
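The tokens in the post are unsecured (alg=none) and are read with parseClaimsJwt, so require() there asserts only what the token says, not who issued it. The following added example (not part of the original post) applies the same require("name", "Sumanth") assertion to signed tokens parsed with parseClaimsJws. It assumes JJWT 0.11.5 as seen in the stack trace above, with jjwt-impl and jjwt-jackson on the classpath; the class name, the demo keys and the sample tokens are constructed for illustration.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.InvalidClaimException;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import javax.crypto.SecretKey;

// Added example (hypothetical class name); assumes JJWT 0.11.5.
public class RequireOnSignedJwt {

    // Parse the token as a signed JWS and report the outcome in one line.
    static String check(JwtParser parser, String token) {
        try {
            Jws<Claims> jws = parser.parseClaimsJws(token);
            return "accepted: " + jws.getBody();
        } catch (InvalidClaimException e) { // parent of MissingClaimException and IncorrectClaimException
            return "claim rejected: " + e.getMessage();
        } catch (JwtException e) {          // bad signature, unsigned token, malformed input, ...
            return "token rejected: " + e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) {
        SecretKey key = Keys.secretKeyFor(SignatureAlgorithm.HS256);      // constructed demo key
        SecretKey otherKey = Keys.secretKeyFor(SignatureAlgorithm.HS256); // key the parser does not trust

        JwtParser parser = Jwts.parserBuilder()
                .setSigningKey(key)          // the signature must verify with this key
                .require("name", "Sumanth")  // same assertion as line 15 of the post
                .build();

        // Constructed sample tokens.
        String good = Jwts.builder().setSubject("1234567890").claim("name", "Sumanth").signWith(key).compact();
        String wrongValue = Jwts.builder().setSubject("1234567890").claim("name", "Sumanth1").signWith(key).compact();
        String missing = Jwts.builder().setSubject("1234567890").signWith(key).compact();
        String wrongKey = Jwts.builder().setSubject("1234567890").claim("name", "Sumanth").signWith(otherKey).compact();
        // The unsigned (alg=none) token used in the post.
        String unsigned = "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNjYxNjU5OTU1LCJuYW1lIjoiU3VtYW50aCJ9.";

        System.out.println("good:       " + check(parser, good));
        System.out.println("wrongValue: " + check(parser, wrongValue));
        System.out.println("missing:    " + check(parser, missing));
        System.out.println("wrongKey:   " + check(parser, wrongKey));
        System.out.println("unsigned:   " + check(parser, unsigned));
    }
}
```

Only the first token is accepted. The last two carry the expected “name” value but are still rejected, because the parser cannot tie them to the trusted key.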