Skip to content

Commit 8a3f3d8

Browse files
artem-vartem-v
committed
Try latest jjwt
1 parent d0d8b63 commit 8a3f3d8

File tree

3 files changed

+45
-16
lines changed

3 files changed

+45
-16
lines changed

jwt/pom.xml

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,8 +15,16 @@
1515

1616
<dependencies>
1717
<dependency>
18-
<groupId>com.auth0</groupId>
19-
<artifactId>java-jwt</artifactId>
18+
<groupId>io.jsonwebtoken</groupId>
19+
<artifactId>jjwt-api</artifactId>
20+
</dependency>
21+
<dependency>
22+
<groupId>io.jsonwebtoken</groupId>
23+
<artifactId>jjwt-impl</artifactId>
24+
</dependency>
25+
<dependency>
26+
<groupId>io.jsonwebtoken</groupId>
27+
<artifactId>jjwt-jackson</artifactId>
2028
</dependency>
2129
<dependency>
2230
<groupId>org.slf4j</groupId>

jwt/src/main/java/io/scalecube/security/jwt/JwksTokenResolver.java

Lines changed: 28 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,11 @@
11
package io.scalecube.security.jwt;
22

3-
import com.auth0.jwt.JWT;
4-
import com.auth0.jwt.algorithms.Algorithm;
5-
import java.security.interfaces.RSAPublicKey;
3+
import io.jsonwebtoken.Claims;
4+
import io.jsonwebtoken.Jwt;
5+
import io.jsonwebtoken.Jwts;
6+
import io.jsonwebtoken.LocatorAdapter;
7+
import io.jsonwebtoken.ProtectedHeader;
8+
import java.security.Key;
69
import java.util.concurrent.CompletableFuture;
710
import org.slf4j.Logger;
811
import org.slf4j.LoggerFactory;
@@ -25,12 +28,28 @@ public JwksTokenResolver(JwksKeyProvider keyProvider) {
2528
public CompletableFuture<JwtToken> resolveToken(String token) {
2629
return CompletableFuture.supplyAsync(
2730
() -> {
28-
final var rawToken = JWT.decode(token);
29-
final var kid = rawToken.getKeyId();
30-
final var publicKey = (RSAPublicKey) keyProvider.getKey(kid);
31-
final var verifier = JWT.require(Algorithm.RSA256(publicKey, null)).build();
32-
verifier.verify(token);
33-
return JwtToken.parseToken(token);
31+
final Jwt<?, ?> parse =
32+
Jwts.parser()
33+
.keyLocator(
34+
new LocatorAdapter<>() {
35+
@Override
36+
protected Key locate(ProtectedHeader header) {
37+
final var keyId = header.getKeyId();
38+
return keyProvider.getKey(keyId);
39+
}
40+
})
41+
.build()
42+
.parse(token);
43+
44+
parse.getHeader();
45+
46+
// final var rawToken = JWT.decode(token);
47+
// final var kid = rawToken.getKeyId();
48+
// final var publicKey = (RSAPublicKey) keyProvider.getKey(kid);
49+
// final var verifier = JWT.require(Algorithm.RSA256(publicKey, null)).build();
50+
// verifier.verify(token);
51+
52+
return new JwtToken(parse.getHeader(), (Claims) parse.getPayload());
3453
})
3554
.handle(
3655
(jwtToken, ex) -> {

pom.xml

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@
4444
<vault-java-driver.version>5.1.0</vault-java-driver.version>
4545
<jackson.version>2.19.2</jackson.version>
4646
<slf4j.version>1.7.36</slf4j.version>
47-
<auth0.java-jwt.version>4.5.0</auth0.java-jwt.version>
47+
<jjwt.version>0.13.0</jjwt.version>
4848

4949
<mockito-junit.version>5.20.0</mockito-junit.version>
5050
<mockito-inline.version>5.2.0</mockito-inline.version>
@@ -72,11 +72,13 @@
7272
<artifactId>slf4j-api</artifactId>
7373
<version>${slf4j.version}</version>
7474
</dependency>
75-
<!-- Auth0/JWT -->
75+
<!-- Jsonwebtoken -->
7676
<dependency>
77-
<groupId>com.auth0</groupId>
78-
<artifactId>java-jwt</artifactId>
79-
<version>${auth0.java-jwt.version}</version>
77+
<groupId>io.jsonwebtoken</groupId>
78+
<artifactId>jjwt-bom</artifactId>
79+
<version>${jjwt.version}</version>
80+
<type>pom</type>
81+
<scope>import</scope>
8082
</dependency>
8183
<!-- Jackson -->
8284
<dependency>

0 commit comments

Comments
 (0)