Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

nested json JWT nimbus-jose -jwt library

Tags:

java

json

jwt

I'm trying to create a nested json JWT following the example provided over here http://connect2id.com/products/nimbus-jose-jwt/examples/signed-and-encrypted-jwt

import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.*;
import com.nimbusds.jwt.*;


    // Generate 256-bit AES key for HMAC as well as encryption
    KeyGenerator keyGen = KeyGenerator.getInstance("AES");
    keyGen.init(256);
    SecretKey secretKey = keyGen.generateKey();

    // Create HMAC signer
    JWSSigner signer = new MACSigner(secretKey.getEncoded());

    // Prepare JWT with claims set
    JWTClaimsSet claimsSet = new JWTClaimsSet();
    claimsSet.setSubject("alice");
    claimsSet.setIssueTime(new Date());
    claimsSet.setIssuer("https://c2id.com");

    SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);

    // Apply the HMAC
    signedJWT.sign(signer);

    // Create JWE object with signed JWT as payload
    JWEObject jweObject = new JWEObject(
        new JWEHeader.Builder(JWEAlgorithm.DIR, EncryptionMethod.A256GCM)
            .contentType("JWT") // required to signal nested JWT
            .build(),
        new Payload(signedJWT));

    // Perform encryption
    jweObject.encrypt(new DirectEncrypter(secretKey.getEncoded()));

    // Serialise to JWE compact form
    String jweString = jweObject.serialize();

The problem I'm having the resultant jweString is not coming correctly

eyJhbGc.
.6Ne
.tw8z

I'm getting 4 parts instead of 3 parts and there is one empty part

 eyJhbGc.
           .6Ne
like image 220
amer Avatar asked Oct 29 '25 19:10

amer

1 Answers

The general format of a JWE has five parts, <Header>.<EncryptedKey>.<InitializationVector>.<Ciphertext>.<AuthenticationTag>. In some cases, like using direct encryption that is in the example, there is no encrypted key and that part is left empty. So you should be getting a JWE with five parts where one part is empty that looks something like, eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..PVEd_V4E8qyppt6u.UOLp2qTNMw3iA9tyTEDHeJAdTczzI5uP4BkXHQSC6U73kywATBbvdWqz9nilsSWr1y-E1duTMvRL7hzDyyWPMZnpfnCWsjhzZtTnd22HODMWUpU.CoQq987RvHGIN5D6HhrjiQ

like image 181
Brian Campbell Avatar answered Nov 01 '25 09:11

Brian Campbell
Sign in to Comment

Related questions

How to implement autocompletetextview in Android Studio with an API call?
How can we profile JOOQ statements for speed
in Java, How do I peek() the top k elements in a PriorityQueue ?
Libgdx intersection of polygons

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!