Как декодировать токен JWT, чтобы получить подробную информацию о заголовке и полезной нагрузке с помощью Nimbus-Jose-Jwt?

Question

Как декодировать токен JWT, чтобы получить подробную информацию о заголовке и полезной нагрузке с помощью Nimbus-Jose-Jwt?

У меня есть токен JWT, который я хотел его расшифровать. Если я сделаю это онлайн здесь: https://jwt.io/. Получаю полный ответ.

токен =

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5UQXhabU14TkRNeVpEZzNNVFUxWkdNME16RXpPREpoWldJNE5ETmxaRFU0xT0dGmlg3CZ6PfirbN9rUHDhWxXNbqA49ne2Fam_SXWiKUBfQN10ddLIKrY8L8xalQ0DX3LiQg0TmdYspR4vVd3Mfji919UJEFSe894JD-PqFTFcvVsLgLm9pWNoyXNVEz6gTiR5JM_UlAPZ4N8FjCla9tMjRfiG-l4gvdmXhF84_a7IwwVLY7DkOs0m-7UK3evB005QZJ5_vmYEtAFV6pFzSt3Jz_fqEPR4RIkrjUIei7m4KyQ3QEl-_ZuhPn80UrACbFqyIQ0Fl71cMQ5V28AXKt8AitGT53XL0LK-cnNmQqyy8WTNRaWmVAZIW7XOCcHBkg9diWy-uZvHSL3pig9Pfr0sg==

Интернет-ответ:HEADER:

{
  "typ": "JWT",
  "alg": "RS256",
  "x5t": "NTAxZmMxNDMyZDg3MTU1ZGM0MzEzODJhZWI4NDNlZDU1OGFkNjFiMQ"
}

ЗАГРУЗКА:

{
  "aud": "http://org.wso2.apimgt/gateway",
  "sub": "Sampath",
  "application": {
    "id": 3,
    "name": "Test JWT",
    "tier": "Unlimited",
    "owner": "Sampath"
  },
  "scope": "am_application_scope default",
  "iss": "https://localhost:9443/oauth2/token",
  "keytype": "PRODUCTION",
  "subscribedAPIs": [],
  "consumerKey": "FPGkgJ6wP0fV1KMKqdEo7_U5dSEa",
  "exp": 1549542345,
  "iat": 1549538745278,
  "jti": "c058831a-7c84-40da-a1d8-85db4a6c68d3"
}

Как мы можем это сделать, используя код Java?

Как-то я использую

<dependency>
    <groupId>com.auth0</groupId>
    <artifactId>java-jwt</artifactId>
    <version>3.8.2</version>
</dependency>

Код:

@SpringBootApplication
public class JwtDecodeApplication implements CommandLineRunner{

    public static void main(String[] args) {
        SpringApplication.run(JwtDecodeApplication.class, args);
    }

    @Override
    public void run(String... args) throws Exception {  
        String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5UQXhabU14TkRNeVpEZzNNVFUxWkdNME16RXpPREpoWldJNE5ETmxaRFUxT0dGa05qRmlNUSJ9.eyJhdWQiOiJodHRwOlwvXC9vcmcud3NvMi5hcGltZ3RcL2dhdGV3YXkiLCJzdWIiOiJTYW1wYXRoIiwiYXBwbGljYXRpb24iOnsiaWQiOjMsIm5hbWUiOiJUZXN0IEpXVCIsInRpZXIiOiJVbmxpbWl0ZWQiLCJvd25lciI6IlNhbXBhdGgifSwic2NvcGUiOiJhbV9hcHBsaWNhdGlvbl9zY29wZSBkZWZhdWx0IiwiaXNzIjoiaHR0cHM6XC9cL2xvY2FsaG9zdDo5NDQzXC9vYXV0aDJcL3Rva2VuIiwia2V5dHlwZSI6IlBST0RVQ1RJT04iLCJzdWJzY3JpYmVkQVBJcyI6W10sImNvbnN1bWVyS2V5IjoiRlBHa2dKNndQMGZWMUtNS3FkRW83X1U1ZFNFYSIsImV4cCI6MTU0OTU0MjM0NSwiaWF0IjoxNTQ5NTM4NzQ1Mjc4LCJqdGkiOiJjMDU4ODMxYS03Yzg0LTQwZGEtYTFkOC04NWRiNGE2YzY4ZDMifQ==.g3CZ6PfirbN9rUHDhWxXNbqA49ne2Fam_SXWiKUBfQN10ddLIKrY8L8xalQ0DX3LiQg0TmdYspR4vVd3Mfji919UJEFSe894JD-PqFTFcvVsLgLm9pWNoyXNVEz6gTiR5JM_UlAPZ4N8FjCla9tMjRfiG-l4gvdmXhF84_a7IwwVLY7DkOs0m-7UK3evB005QZJ5_vmYEtAFV6pFzSt3Jz_fqEPR4RIkrjUIei7m4KyQ3QEl-_ZuhPn80UrACbFqyIQ0Fl71cMQ5V28AXKt8AitGT53XL0LK-cnNmQqyy8WTNRaWmVAZIW7XOCcHBkg9diWy-uZvHSL3pig9Pfr0sg==";

        try {
            DecodedJWT jwt = JWT.decode(token);

            // Headers
            String header = jwt.getHeader();
            System.out.println("HEADER = "+header);

            // claims
            Map<String, Claim> claims = jwt.getClaims();
            claims.forEach((k,v) -> System.out.println("KEY = "+k + ", VALUE ="+v));

            System.out.println("-----------------------------------------------");
            System.out.println("Subject = "+jwt.getSubject());
            System.out.println("Algorithm = "+jwt.getAlgorithm());
            System.out.println("Issuer = "+jwt.getIssuer());
            System.out.println("Payload = "+jwt.getPayload());
            System.out.println("Token = "+jwt.getToken());
            System.out.println("Subject = "+jwt.getContentType());
            System.out.println("Id = "+jwt.getId());
            System.out.println("KeyId = "+jwt.getKeyId());
            System.out.println("Signature = "+jwt.getSignature());
            System.out.println("ExpiresAt = "+jwt.getExpiresAt());
            System.out.println("IssuedAt = "+jwt.getIssuedAt());
            System.out.println("NotBefore = "+jwt.getNotBefore());
            System.out.println("Audience = "+jwt.getAudience());

        } catch (JWTDecodeException e){
            //Invalid token
            System.out.println(e);
        }
    }
}

2

java nimbus nimbus-jose-jwt

Источник

user2929562 28 авг '19 в 19:12

2 ответа

Другие вопросы по тегам java nimbus nimbus-jose-jwt

user7319891 24 июн '20 в 13:48 2020-06-24 13:48 · Answer 1 · 2020-06-24 13:48

private String parseJWT(String claim, String accessToken) {
        SignedJWT decodedJWT;
        try {
            decodedJWT = SignedJWT.parse(accessToken);
            decodedJWT.getJWTClaimsSet().getClaim(claim).toString();
            decodedJWT.getHeader().get.....
        } catch (ParseException e) {
            throw new Exception("Invalid token!");
        }
    }

Если это не сработает, замените SignedJWT на EncryptedJWT или PlainJWT.

user1624750 22 мар '21 в 18:26 2021-03-22 18:26 · Answer 2 · 2021-03-22 18:26

Include

       <dependency>
  <groupId>io.jsonwebtoken</groupId>
  <artifactId>jjwt</artifactId>
  <version>0.9.1</version>
</dependency>

Then try below sample

       public class Test {
        private static Object decode(String jwt) throws NoSuchAlgorithmException, InvalidKeySpecException {
            String publicKeyContent =
                    "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPfD8thRbT1Md0xzA55zSzA084bevOGgFg1Jx5n2Fjtk5sJ" +
                            "piTKaWvw92gRoZm0F0UzJ+lo55CiUKWBHIR9y+FcsEotaWjjAx9llqFzbRkCc3x9TCKyCG0Pr6OwRZdAWYFTaEI7m" +
                            "eAfen+LuIUazwYBXfO7nVrzXg4EbMHL+wwUhalOJxkzBhXDOHnWKIQdNBSWUbl3RetWpGWYOzM9ePgGv2GbXgXFp4NYhS" +
                            "hqDewIAhG2KhJHFR4E10GLEOzKep6VhOX3dRH897QuSnud5c" +
                            "hoVrYePldzc2QGJYosgfn/oFfOTb+Kj4HQtOmvJvZZRfI7lWMjOgHen12vH8dOr0QIDAQAB";
    
            KeyFactory kf = KeyFactory.getInstance("RSA");
            X509EncodedKeySpec keySpecX509 = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKeyContent));
            RSAPublicKey pubKey = (RSAPublicKey) kf.generatePublic(keySpecX509);
            return  Jwts.parser()
                    .setSigningKey(pubKey)
                    .parseClaimsJws(jwt).getBody().get("preferred_username");
        }
    
    
    
        public static void main(String[] arg) throws InvalidKeySpecException, NoSuchAlgorithmException {
            System.out.println(decode("eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJRcm5CVjYwVkZvZF9ZaEw2Um5QNXp1NGNXNWZra1VNZ2EwQWJrdmt0VVo0In0.eyJleHAiOjE2MTY0MjY1NzksImlhdCI6MTYxNjQyNTk3OSwianRpIjoiMDU4ZDNjYzItMGY5OC00ODBlLWI0NGEtM2ExOWUzNDQyNzkzIiwiaXNzIjoiaHR0cDovL3Nlc3Rhd2tjMDFkZXYuYXBpY2EubG9jYWw6ODA4MC9hdXRoL3JlYWxtcy9tYXN0ZXIiLCJzdWIiOiIxMzI1YjM5Ny1mNzk4LTRmYTAtOGE2MC04OWRlM2MzZmQ0YmIiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJhZG1pbi1jbGkiLCJzZXNzaW9uX3N0YXRlIjoiY2Y3YzYxN2MtNTFlMy00NGIzLTk0MmItMTk4NDA0NmNlNWNmIiwiYWNyIjoiMSIsInNjb3BlIjoicHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4ifQ.J76L_obm89kFAL7zwg5wt1Qni6r7GZYDdgbWCfEKZfKwDc95cOOnfX2ULvglRCJ-Noaq5JKmZgkyg0wRJKeny-9yEwu0KZJuuJXF4pVvjjjYQIY4o4f8XkXaMvZmR4Lvo-MXQr3yKSsSVfWte2rj4nvc_2COQId1e1YLCJR1h00eiahGCzao8UOizmQfMtBSP0V6waSCgi2LUqBGRtoP8xlRD3UD4w4wBS8_H72NXRSLBVHvJ7G6Qy3-yScnVIldibiqhNj5_htiFS7I32sQxLdNluoAXFy3SjkgcX7ibnaZTvE2l7Wn1izMaq3qVUV25FxCJrVpbbzyu8XAL7o0KQ"));
        }
    }