From 13f2867f99f00ac008bbae73413b534d92ba5e97 Mon Sep 17 00:00:00 2001 From: Elex Date: Sat, 24 Feb 2024 10:56:40 +0900 Subject: [PATCH] - jwt decoding without a key --- json-web-token/build.gradle.kts | 2 +- .../java/kr/pe/elex/examples/Jwt0Sample.java | 5 ++++- .../java/kr/pe/elex/examples/JwtsSample.java | 19 +++++++++++++++++++ .../java/kr/pe/elex/examples/SampleTest.java | 18 ++++++++++++++++++ 4 files changed, 42 insertions(+), 2 deletions(-) diff --git a/json-web-token/build.gradle.kts b/json-web-token/build.gradle.kts index 482b2b9..35b3a88 100644 --- a/json-web-token/build.gradle.kts +++ b/json-web-token/build.gradle.kts @@ -17,6 +17,6 @@ dependencies { runtimeOnly("io.jsonwebtoken:jjwt-impl:0.12.5") runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.12.5") - // another library + // another library, good for a client side implementation("com.auth0:java-jwt:4.4.0") } diff --git a/json-web-token/src/main/java/kr/pe/elex/examples/Jwt0Sample.java b/json-web-token/src/main/java/kr/pe/elex/examples/Jwt0Sample.java index 6741ce6..76323bf 100644 --- a/json-web-token/src/main/java/kr/pe/elex/examples/Jwt0Sample.java +++ b/json-web-token/src/main/java/kr/pe/elex/examples/Jwt0Sample.java @@ -25,12 +25,15 @@ public class Jwt0Sample { .withSubject("Hello") .sign(Algorithm.HMAC256(key)); } - public static DecodedJWT parseToken(String token){ + public static DecodedJWT parseToken(String token, byte[] key){ return JWT.require(Algorithm.HMAC256(key)) .withIssuer("Elex") .build() .verify(token); } + public static DecodedJWT parseToken(String token){ + return JWT.decode(token); + } public static void main(String... args){ String token = genToken(); diff --git a/json-web-token/src/main/java/kr/pe/elex/examples/JwtsSample.java b/json-web-token/src/main/java/kr/pe/elex/examples/JwtsSample.java index 34a1f85..61785b0 100644 --- a/json-web-token/src/main/java/kr/pe/elex/examples/JwtsSample.java +++ b/json-web-token/src/main/java/kr/pe/elex/examples/JwtsSample.java @@ -76,6 +76,25 @@ public class JwtsSample { throw e; } } + public static String decodeToken(final String token) throws JwtException { + String[] chunks = token.split("\\."); + Base64.Decoder decoder = Base64.getUrlDecoder(); + + String header = new String(decoder.decode(chunks[0])); + String payload = new String(decoder.decode(chunks[1])); + + return payload; + + + } + public static String decodeToken2(final String token) throws JwtException { + String s = Jwts.parser().unsecured().build().parseSignedClaims(token) + .getPayload().getSubject(); + + return s; + + + } public static String parseToken(final String token, final PublicKey key) throws JwtException { try { diff --git a/json-web-token/src/test/java/kr/pe/elex/examples/SampleTest.java b/json-web-token/src/test/java/kr/pe/elex/examples/SampleTest.java index 413dfd2..7a9ed95 100644 --- a/json-web-token/src/test/java/kr/pe/elex/examples/SampleTest.java +++ b/json-web-token/src/test/java/kr/pe/elex/examples/SampleTest.java @@ -26,7 +26,25 @@ import java.util.Random; import static org.junit.jupiter.api.Assertions.*; class SampleTest { +@Test +void test2(){ + final SecretKey signingKey = Jwts.SIG.HS384.key().build(); + String token = Jwts.builder() + .header().type("JWT") + .and() + .issuer("Elex") + .expiration(Date.from(Instant.now().plus(3, ChronoUnit.HOURS))) + .claim("userId", 3) + .subject("hello") + .signWith(signingKey) + .compact(); + String payload = JwtsSample.decodeToken(token); + System.out.println(payload); + + //String sub = JwtsSample.decodeToken2(token); + //System.out.println(sub); +} @Test void test() throws NoSuchAlgorithmException, InvalidKeySpecException { byte[] key = new byte[32];