I am using the jjwt Java library for server-side generation of JWTs in servlets, the code snippet below straight from the jjwt GitHub page https://github.com/jwtk/jjwt gen
Try with secr and check the base64 option :)
It is due to .signWith(SignatureAlgorithm.HS256, "secret"). It is implemented by the DefaultJwtBuilder class:
public JwtBuilder signWith(SignatureAlgorithm alg, String base64EncodedSecretKey)
This method assumes that you are providing a key in base64, and secret is not base64. When the method decodes from base64 to byte[], the Java converter used by jjwt provides a representation of the string secr, which is different to the JavaScript decoder used at jwt.io.
You can test it yourself with:
System.out.println(
javax.xml.bind.DatatypeConverter.printBase64Binary(
javax.xml.bind.DatatypeConverter.parseBase64Binary("secret")));
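
The following Node.js sketch is an added example, not code from the original answer or from jjwt. It signs one HS256 token under three readings of the configured string secret and shows that a verifier only accepts the token when it derives the same key bytes as the signer. The function and key names are hypothetical, the payload is constructed, and the 3-byte key attributed to jjwt is taken from the answer's description rather than measured here.

```javascript
// Added example: three readings of the configured string "secret" as HS256 key bytes.
const crypto = require('crypto');

// Base64url without padding, the encoding of every JWT segment.
function b64url(buf) {
  return Buffer.from(buf).toString('base64')
    .replace(/=+$/, '').replace(/\+/g, '-').replace(/\//g, '_');
}

// Build a compact HS256 token signed with exactly these key bytes.
function signHs256(payload, keyBytes) {
  const input = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' })) +
    '.' + b64url(JSON.stringify(payload));
  const mac = crypto.createHmac('sha256', keyBytes).update(input).digest();
  return input + '.' + b64url(mac);
}

// Recompute the MAC with keyBytes and compare in constant time.
function verifyHs256(token, keyBytes) {
  const parts = token.split('.');
  if (parts.length !== 3) return false;
  const expected = crypto.createHmac('sha256', keyBytes)
    .update(parts[0] + '.' + parts[1]).digest();
  const given = Buffer.from(parts[2], 'base64'); // also accepts the url-safe alphabet
  return given.length === expected.length && crypto.timingSafeEqual(given, expected);
}

const keys = {
  rawUtf8: Buffer.from('secret', 'utf8'),      // the 6 characters used directly as bytes
  base64Secr: Buffer.from('secr', 'base64'),   // key jjwt ends up with, per the answer (assumption)
  nodeBase64: Buffer.from('secret', 'base64'), // Node's lenient decode of all 6 characters
};

// Sign with each key reading, then try to verify with every reading.
function verificationMatrix(payload) {
  const result = {};
  for (const [signer, signKey] of Object.entries(keys)) {
    const token = signHs256(payload, signKey);
    result[signer] = {};
    for (const [verifier, verifyKey] of Object.entries(keys)) {
      result[signer][verifier] = verifyHs256(token, verifyKey);
    }
  }
  return result;
}

const matrix = verificationMatrix({ sub: 'constructed-user' }); // constructed payload
for (const [name, key] of Object.entries(keys)) {
  console.log(name, key.toString('hex'), JSON.stringify(matrix[name]));
}
```

Only the diagonal of the matrix is true, so the signer and every verifier must agree on whether the configured secret is raw text or base64, and a value that is not valid padded base64 should be rejected rather than decoded leniently.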