jjwt
jjwt copied to clipboard
jwtk
Java JWT: JSON Web Token for Java and Android
Due to `ServiceLoader` problems with: * file I/O at scale as discussed in https://github.com/jwtk/jjwt/issues/648#issuecomment-1206632743 as well as * ClassLoader problems in JEE environments as discussed in https://github.com/jwtk/jjwt/issues/751 (and perhaps this...
When use Spring boot and try generate a WJT says: ``` 2022-07-14T11:54:55.706-04:00 ERROR 81466 --- [0.1-9001-exec-1] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Handler...
JJWT's early days allowed this for server-side convenience - in case a server wanted to verify a JWS with the private key it had access to. This however encourages poor...
This is important to get the latest security fixes from jackson. Users of jjwt-jackson have to exclude and manually upgrade this dependency otherwise.
Instead of now + skew - expired Fixes: #660
``` SecretKey key = Keys.secretKeyFor(SignatureAlgorithm.HS256); String jws = Jwts.builder() .setExpiration(new Date(2000)) .signWith(key) .compact(); Jwts.parserBuilder().setSigningKey(key) .setAllowedClockSkewSeconds(1) .setClock(() -> new Date(3001)) .build() .parseClaimsJws(jws); ``` The above code will throw an exception, because...
Hi, We are facing a this behavior when using the latest release of jjwt (`0.9.1`): When parsing the claims of a token that has a JSON body using `Jwts.parser().[...].parseClaimsJws(token)`, the...
It would be nice if the `JwtParserBuilder requireIssuer` can accept an array of issuer Strings in order to check if the 'iss' from the parsed jwt token matches one of...
