Skip to content

Commit 92a4fdc

Browse files
peacekeeperpeacekeeper
committed
Option to not validate JWT signature
1 parent cf96367 commit 92a4fdc

File tree

1 file changed

+17
-4
lines changed

1 file changed

+17
-4
lines changed

src/main/java/com/danubetech/verifiablecredentials/jwt/JwtVerifiableCredential.java

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -33,17 +33,25 @@ private JwtVerifiableCredential(JwtClaims payload, VerifiableCredential payloadV
3333
this.payloadVerifiableCredential = payloadVerifiableCredential;
3434
}
3535

36-
public static JwtVerifiableCredential fromJwt(String jwt, String algorithm, PublicKey publicKey) throws JoseException, GeneralSecurityException, InvalidJwtException {
36+
public static JwtVerifiableCredential fromJwt(String jwt, String algorithm, PublicKey publicKey, boolean doValidate) throws JoseException, GeneralSecurityException, InvalidJwtException {
3737

3838
boolean validate;
3939

4040
JsonWebSignature jws = new JsonWebSignature();
4141
jws.setAlgorithmConstraints(new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, algorithm));
4242
jws.setCompactSerialization(jwt);
4343

44-
jws.setKey(publicKey);
45-
validate = jws.verifySignature();
46-
if (! validate) throw new GeneralSecurityException("Invalid signature: " + jwt);
44+
if (doValidate) {
45+
46+
jws.setKey(publicKey);
47+
validate = jws.verifySignature();
48+
if (! validate) throw new GeneralSecurityException("Invalid signature: " + jwt);
49+
50+
System.setProperty("org.jose4j.jws.getPayload-skip-verify", "false");
51+
} else {
52+
53+
System.setProperty("org.jose4j.jws.getPayload-skip-verify", "true");
54+
}
4755

4856
JwtClaims jwtPayload = JwtClaims.parse(jws.getPayload());
4957
LinkedHashMap<String, Object> jsonLdObject = (LinkedHashMap<String, Object>) jwtPayload.getClaimValue(JWT_CLAIM_VC);
@@ -52,6 +60,11 @@ public static JwtVerifiableCredential fromJwt(String jwt, String algorithm, Publ
5260
return new JwtVerifiableCredential(jwtPayload, payloadVerifiableCredential);
5361
}
5462

63+
public static JwtVerifiableCredential fromJwt(String jwt, String algorithm, PublicKey publicKey) throws JoseException, GeneralSecurityException, InvalidJwtException {
64+
65+
return fromJwt(jwt, algorithm, publicKey, true);
66+
}
67+
5568
public static JwtVerifiableCredential fromVerifiableCredential(VerifiableCredential verifiableCredential, String aud) {
5669

5770
VerifiableCredential payloadVerifiableCredential;

0 commit comments

Comments
 (0)