java 公钥 验证,如何使用Java中的标记和公钥验证JWT签名

I have a token in the form of a string and I downloaded the public cert and created a public key out of it as follows.

But I'm not sure how proceed for verification with just this much info.

I found solutions for C# and .NET but not for Java.

Please note I don't have the jks file or private key.

FileInputStream fin = new FileInputStream("d://public.crt");

CertificateFactory f = CertificateFactory.getInstance("X.509");

X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);

PublicKey pk = certificate.getPublicKey();

解决方案

To verify a JWT in Java using Auth0 library (com.auth0:java-jwt):

Retrieve the algorithm the key has been signed with, for example:

// Load your public key from a file

final PublicKey ecdsa256PublicKey = getPublicKey(...);

final Algorithm algorithm = Algorithm.ECDSA256((ECPublicKey) ecdsa256PublicKey, null);

Verify its signature using the corresponding algorithm:

final DecodedJWT decodedJWT = JWT.decode("J.W.T[...]");

// Will throw a SignatureVerificationException if the token's signature is invalid

algorithm.verify(decodedJWT);

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值