This project contains 2 simple libraries:
jwt-generatorfor generating a signed and encrypted JWTsjwt-verifierfor verifying the signature, encryption and data from a signed and encrypted JWT
In addition, it contains 2 simple webapps that use these libraries:
jwt-generator-webappwhich exposes a REST API to generate a JWT with thejwt-generatorlibraryjwt-verifier-webappwhich exposes a REST API to verify a JWT with thejwt-verifierlibrary
To build the entire project, just run a standard mvn build command, e.g.
mvn clean install
The *-webapp modules Spring Boot deployable webapps. The easiest way to run is used the Spring Boot maven commands:
mvn spring-boot:run -f jwt-generator-webapp
mvn spring-boot:run -f jwt-verifier-webapp
Once both webapps are running, you can generate a JWT by invoking the following URL to hit jwt-generator-webapp:
https://localhost:8880/login?username=<username>
This will return a response like:
{
jwt: "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAtMjU2In0.bzWxsUNcyk8TGbxKr2LzH8x_IJMS83Zciu90fAGIILTSjbcVQkz5gE9YwCVi2b_y1AYuwgz3QVfx7RMwE7nMXI3DR-xG9WGMGwd1jHqbyJ5YrhDyxcnCmhmNTXih-MMj8MyMC3mKk7qd7koSejzHLtjc2uGBsarAItYJBQ04igz8RKc33NRIyNTDprNSFSfABRXwyx8_vLuex7oNaqAFqSqiISpM0Nhw0W_CBC5JNwaDXugFuTRyzGaYf0KgPnRx6DUmK7sIGMu-Th2GcvrsxV3-9WV7zaep25ppllhoNTlz2zEAAfQn1QcduvMGfW6nNfpwXFzuMj9AQum1_O1NiFGO8W5s94VKZfyIlZZGeJMBaR_zXlO5fVIXlH2z18o8Aftkd4B5bPGFrBLxg0wq7PiRR3Grdswgrfx82vDyib_z9Qs6iSnP-Cb9dXL9c5fZ9UUc0MoZ3gToVwAOSY3pu-O0EWK1wp3qbf7kCSRf7pTA0JdVL4eIjSmlioO_91zdG5ftRVZgoVZCAyhJRDDm_hXHAnG8ej9rVAYonvi2AcvIOuZBuq4Ip-X_gr3KgBFtdz_grF46I9LSjt70bw0NHwuYz4e82LpV5JEIfh0Vg1zKG2B-GCD6isR4r3CQODHbdh8MHFgGm1xeUDdh8e0g0IFqSBPSPIYb4gAys3Nc8zc.-IHAJjUn5eD0F4IX.62OC8xQ3pNnUeUPTVnCER7GBVKJkd6cZhyleYz9Vt1I75aWvhwI1hFCMPL6o_wPyZrzFIIjeOjeYFkvE8X5iXw_TL2uuQ7rPzumvbd8IhGFxhhFJP0ha2w_YqK5_sQ475ULdLouYmtkmeWqIFo_UIrkEGAe_YACWxk5rmXUYsrmhy9uSF4iMTUOQhZ1ua32-q4GM2Kmw5cWsXJEO5lw3r4wkSlf4YAyfO3m37wnZuMWZcySRart1sKuFR-rORdnbs24AEf_BB1Qjy_psH5kcdjltUreghWCcZ6V8QpWEVO6kMDkjNTtLu_4MBqwTDl5bdUw1t2cIBeFzee4ex0DOestjPJOPoM1LKIGIV2B6dJpaCUWoE3al8AAnNpx9PznPq9U7vgnDapIUdAiT5DFz9A80mEtV_9hQM1Y5c_vDmaBzpXr9nE83HYCJ-rcSVk_m-z1j9nTbXhqnRZyefo5HnLOrZ2AOC7NAa95zK_ewvM2NUvIrAkp8NtZNUwuw5p8k_XwdLO8n3ygAZG7vRpi7u801Eokrp94oQnipztQZd3JHBdBm8bt3gIdFsmcI54kso6NiMsa0qlWKNHCHzUibdUbSiZ7C94brcopeJLWDKTpAll3omPSi9NGJxl7whtzhZP7XYig4SbbMj5deXVpSb1nNnpQCbQiStRy5b0AACb9SY0CFFA71MaMT1PRFzozq0MziRtp3OfgoBHxnu_Y_SdEOSDWnkr9Of1LypYLBh5qEOjIMiOPWGZ1SmmduOkM7uUCk0ZM6ObQO_Qg0xoTxlIxigmRDatpi-M9Bk97ZUjWWQDiAHVGiMJHInwBjatJl8pR5C3o_MKoWLalr1fUJoELCLEj_y3gSqaca3IaActRDt43vU_87bfHlQqLnnEQgd27ecwF93xvVhda1kUt--QRm_96nLMOOTxlhRmbNh-F4EUHDKWbCAsxILGJWNfUP0haloqAXgLzYmiFyWLHtrp7U9QpKpPR3xI6FDPprN6hvfzSwOAAjMkBe8C10Bhax3USgSUj11yqhaGMRt1SAEw08yW9W8FtBnTKxub71byQPjmu_jYL9FDNum4ouLH-W1HnqBr1i9LzwjbWCTaqUWOdMExOmBs-Mv1B1WTnHX_iaJeGj9J1rfOdwRBh4UWJzE87MYYPJyQ837pMetm70C0O-wX-7IWNrsyWmukL6IZTH-uskIaPxT-qxqXWziZ2aTKagMTG63AZfN_sk4Ip5.dmgmswl0tafMIRIHpFgjXQ"
}
The returned JWT value can then be passed in the following URL to hit jwt-verifier-webapp:
https://localhost:8881/login?jwt=<jwt>
This will return the username from the JWT which you provided in the original request for a JWT, such as:
{
name: "john"
}
These examples use RSA keys to encrypt and sign the JWT, the project contains some default RSA key pairs for each, but to generate new keys then run the re-generate-keys.sh script.
sh re-generate-keys.sh
This will generate new keys and replace the old keys in the projects. To use the new keys, re-build and deploy the *-webapp projects.