In this post under JJWT, I will show with example how to create and parse asymmetric key signed JWT containing claims.

Below is the complete code for your reference.

Main Class

1  package defaultPackage;
2  import java.security.KeyPair;
3  import java.security.PrivateKey;
4  import java.security.PublicKey;
5  import java.util.Date;
6  import java.util.HashMap;
7  import java.util.Map;
8  
9  import io.jsonwebtoken.Claims;
10 import io.jsonwebtoken.Header;
11 import io.jsonwebtoken.Jws;
12 import io.jsonwebtoken.JwtBuilder;
13 import io.jsonwebtoken.JwtParser;
14 import io.jsonwebtoken.JwtParserBuilder;
15 import io.jsonwebtoken.Jwts;
16 import io.jsonwebtoken.SignatureAlgorithm;
17 import io.jsonwebtoken.security.Keys;
18 
19 public class Example11 {
20     public static void main(String[] args) {
21         KeyPair keyPair = Keys.keyPairFor(SignatureAlgorithm.RS512);
22         Example11 example11 = new Example11();
23         String data = example11.toJWTString(keyPair.getPrivate());
24         System.out.println(data);
25         Jws<Claims> jws = example11.toJWS(keyPair.getPublic(), data);
26         System.out.println(jws.getBody());
27         System.out.println(jws.getSignature());
28         System.out.println(jws.getHeader());
29     }
30     
31     public String toJWTString(PrivateKey privateKey) {
32         JwtBuilder jwtBuilder = Jwts.builder();
33         jwtBuilder.signWith(privateKey);
34         
35         Map<String, Object> headerMap = new HashMap<>();
36         headerMap.put("alg", "HS512");
37         headerMap.put("typ", Header.JWT_TYPE);
38         
39         jwtBuilder.setHeader(headerMap);
40         
41         Claims claims = Jwts.claims();
42         claims.setSubject("1234567890");
43         claims.setIssuedAt(new Date());
44         claims.put("name", "Sumanth");
45         jwtBuilder.setClaims(claims);
46         
47         String jwt = jwtBuilder.compact();
48         return jwt;
49     }
50     
51     public Jws<Claims> toJWS(PublicKey publicKey, String data) {
52         JwtParserBuilder jwtParserBuilder = Jwts.parserBuilder();
53         jwtParserBuilder.setSigningKey(publicKey);
54         JwtParser jwtParser = jwtParserBuilder.build();
55         Jws<Claims> jws = jwtParser.parseClaimsJws(data);
56         return jws;
57     }
58 }

In the above code, at line 21, we create an instance of asymmetric key.

At line 23, we pass the private key to “toJWTString” method.

The “toJWTString” method creates a signed JWT in string format.

At line 32, inside the “toJWTString” method, we are creating an instance of “JwtBuilder”.

At line 33, we are instructing the “JwtBuilder” instance to use the passed private key when encrypting the JWT.

At line 25, we call “toJWS” method and pass the public key and signed JWT in string format as parameter.

At line 52, inside “toJWS” method we are creating an instance of “JwtParserBuilder”.

At line 53, we are instructing the instance of “JwtParserBuilder” to use the passed in public key when decrypting signed JWT.

At line 55, we are parsing the string format of signed JWT using the “parseClaimsJws” method.

In this way, we can create and parse a asymmetric key signed JWT containing claims.