A simple to use Java 8 JWT Library. Verify, Sign, Encode, Decode all day.
Clone or download
Latest commit 2bf372a Nov 4, 2018

README.md

FusionAuth JWT semver 2.0.0 compliant

FusionAuth JWT is intended to be fast and easy to use. FusionAuth JWT has a single external dependency on Jackson.

Example Code:

Encode a JWT using HMAC

Signer signer = HMACSigner.newSHA256Signer("too many secrets");

JWT jwt = new JWT().setIssuer("www.acme.com")
                   .setIssuedAt(ZonedDateTime.now(ZoneOffset.UTC))
                   .setSubject("f1e33ab3-027f-47c5-bb07-8dd8ab37a2d3")
                   .setExpiration(ZonedDateTime.now(ZoneOffset.UTC).plusMinutes(60));
                       
String encodedJWT = JWT.getEncoder().encode(jwt, signer);

A higher strength hash can be used by changing the signer. The encoding and decoding steps are not affected.

Signer signer = HMACSigner.newSHA512Signer("too many secrets");

Decode a JWT using HMAC

Verifier verifier = HMACVerifier.newVerifier("too many secrets");

JWT jwt = JWT.getDecoder().decode(encodedJWT, verifier);
assertEquals(jwt.subject, "f1e33ab3-027f-47c5-bb07-8dd8ab37a2d3");

Encode a JWT using RSA

Signer signer = RSASigner.newSHA256Signer(new String(Files.readAllBytes(Paths.get("private_key.pem"))));

JWT jwt = new JWT().setIssuer("www.acme.com")
                   .setIssuedAt(ZonedDateTime.now(ZoneOffset.UTC))
                   .setSubject("f1e33ab3-027f-47c5-bb07-8dd8ab37a2d3")
                   .setExpiration(ZonedDateTime.now(ZoneOffset.UTC).plusMinutes(60));
        
String encodedJWT = JWT.getEncoder().encode(jwt, signer);

A higher strength hash can be used by changing the signer. The encoding and decoding steps are not affected.

Signer signer = RSASigner.newSHA512Signer(new String(Files.readAllBytes(Paths.get("private_key.pem"))));

Decode a JWT using RSA

Verifier verifier = RSAVerifier.newVerifier(new String(Files.readAllBytes(Paths.get("public_key.pem"))));

JWT jwt = JWT.getDecoder().decode(encodedJWT, verifier);
assertEquals(jwt.subject, "f1e33ab3-027f-47c5-bb07-8dd8ab37a2d3");

Supported JSON Web Algorithms (JWA) as described in RFC 7518

HS256, HS384, HS512, RS256, RS384, RS512, none (Unsecured)

Maven Dependency

<dependency>
 <groupId>io.fusionauth</groupId>
 <artifactId>fusionauth-jwt</artifactId>
 <version>2.1.1</version>
</dependency>

Building with Maven

$ mvn install

Building with Savant

Note: This project uses the Savant build tool. To compile using using Savant, follow these instructions:

$ mkdir ~/savant
$ cd ~/savant
$ wget http://savant.inversoft.org/org/savantbuild/savant-core/1.0.0/savant-1.0.0.tar.gz
$ tar xvfz savant-1.0.0.tar.gz
$ ln -s ./savant-1.0.0 current
$ export PATH=$PATH:~/savant/current/bin/

Then, perform an integration build of the project by running:

$ sb int

For more information, checkout savantbuild.org.