In this post under JJWT, I will show with example how to create and parse asymmetric key signed JWT containin payload.
The JWT can contain claims or payload.
For our example we will use a JWT containing payload.
Below is the complete code for your reference
Main code
1 package defaultPackage;
2 import java.security.KeyPair;
3 import java.security.PrivateKey;
4 import java.security.PublicKey;
5
6 import io.jsonwebtoken.Jws;
7 import io.jsonwebtoken.JwtBuilder;
8 import io.jsonwebtoken.JwtParser;
9 import io.jsonwebtoken.JwtParserBuilder;
10 import io.jsonwebtoken.Jwts;
11 import io.jsonwebtoken.security.SignatureAlgorithm;
12
13 public class Example10 {
14 public static void main(String[] args) throws Exception {
15 SignatureAlgorithm signatureAlgorithm = Jwts.SIG.EdDSA;
16 KeyPair keyPair = signatureAlgorithm.keyPair().build();
17
18 Example10 example10 = new Example10();
19 String data = example10.toJWTString(keyPair.getPrivate());
20 System.out.println(data);
21 Jws<byte[]> jws = example10.toJWS(keyPair.getPublic(), data);
22
23 System.out.println(jws.getHeader());
24 System.out.println(new String(jws.getPayload()));
25 }
26
27 public String toJWTString(PrivateKey privateKey) {
28 JwtBuilder jwtBuilder = Jwts.builder();
29 jwtBuilder.signWith(privateKey);
30
31 jwtBuilder.header().add("typ", "JWT");
32
33 String payload = "Hi my name is Sumanth";
34 jwtBuilder.content(payload);
35
36 String jwtString = jwtBuilder.compact();
37 return jwtString;
38 }
39
40 public Jws<byte[]> toJWS(PublicKey publicKey, String data) {
41 JwtParserBuilder jwtParserBuilder = Jwts.parser();
42 jwtParserBuilder.verifyWith(publicKey);
43 JwtParser jwtParser = jwtParserBuilder.build();
44 Jws<byte[]> jws = jwtParser.parseSignedContent(data);
45 return jws;
46 }
47 }In the above code at line 15, I created an instance of “SignatureAlgorithm” and using that instance I created a key pair named “keyPair” at line 16.
At line 19, I call “toJWTString” method and pass the private key.
The “toJWTString” will create serialized form of the signed JSON web token
In the “toJWTString” method at line 28, I create an instance of “JwtBuilder” and at line 29 I configure it to use the private key for signing purpose by calling “signWith” method and passing the private key as an argument to this method.
At line 31, I created the header and at line 33 and 34, I created the payload and set it.
At line 36, I call “compact” method of “JwtBuilder” instance to generate the compact, signed JWT.
This JWT is returned to the main method at line 19 and saved in “data” String variable.
At line 21, I call “toJWS” method and passed the JWT token saved in “data” String variable.
The method “toJWS” purpose is to parses the String data and returns “Jws” instance.
At line 41, I create an instance of “JwtParserBuilder” and at line 42, I configure it to use public key when verifying the serialized token, by calling “verifyWith” method and passing the public key as an argument.
After configuration, I get the actual parser instance “JwtParser” at line 43.
At line 44, I parse the token by calling “parseSignedContent” method available on “JwtParser” instance. This will return an instance of “Jws” class which will have all the information serialized in the token. This instance will be returned to the main method.
At line 23, I print the header information and at line 24, I print the payload.
In this way, we can create and parse asymmetric key signed JWT containing payload.
Code Recipes Blog 