Skip to content
This repository was archived by the owner on Apr 10, 2025. It is now read-only.

Commit b431ebc

Browse files
sgramponesgrampone
authored
Create new Signature verification methods (#33)
1 parent 83469d9 commit b431ebc

File tree

1 file changed

+42
-21
lines changed

1 file changed

+42
-21
lines changed

GeneXusJWT/src/main/java/com/genexus/JWT/JWTCreator.java

Lines changed: 42 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@ public JWTCreator() {
4444

4545
/******** EXTERNAL OBJECT PUBLIC METHODS - BEGIN ********/
4646
public String doCreate(String algorithm, PrivateClaims privateClaims, JWTOptions options) {
47+
this.error.cleanError();
4748
if (options.hasError()) {
4849
this.error = options.getError();
4950
return "";
@@ -96,6 +97,35 @@ public String doCreate(String algorithm, PrivateClaims privateClaims, JWTOptions
9697
}
9798

9899
public boolean doVerify(String token, String expectedAlgorithm, PrivateClaims privateClaims, JWTOptions options) {
100+
return doVerify(token, expectedAlgorithm, privateClaims, options, true, true);
101+
}
102+
103+
public boolean doVerifyJustSignature(String token, String expectedAlgorithm, JWTOptions options) {
104+
return doVerify(token, expectedAlgorithm, null, options, false, false);
105+
}
106+
107+
public boolean doVerifySignature(String token, String expectedAlgorithm, JWTOptions options) {
108+
return doVerify(token, expectedAlgorithm, null, options, false, true);
109+
}
110+
111+
public String getPayload(String token) {
112+
return getTokenPart(token, "payload");
113+
114+
}
115+
116+
public String getHeader(String token) {
117+
return getTokenPart(token, "header");
118+
}
119+
120+
public String getTokenID(String token) {
121+
return getTokenPart(token, "id");
122+
}
123+
124+
/******** EXTERNAL OBJECT PUBLIC METHODS - END ********/
125+
126+
private boolean doVerify(String token, String expectedAlgorithm, PrivateClaims privateClaims, JWTOptions options,
127+
boolean verifyClaims, boolean verifyRegClaims) {
128+
this.error.cleanError();
99129
if (options.hasError()) {
100130
this.error = options.getError();
101131
return false;
@@ -108,10 +138,14 @@ public boolean doVerify(String token, String expectedAlgorithm, PrivateClaims pr
108138
this.error.setError("JW005", e.getMessage());
109139
return false;
110140
}
111-
if (isRevoqued(decodedJWT, options) || !verifyPrivateClaims(decodedJWT, privateClaims, options)
112-
|| !verifyHeader(decodedJWT, options)) {
141+
if (isRevoqued(decodedJWT, options)) {
113142
return false;
114143
}
144+
if (verifyClaims) {
145+
if (!verifyPrivateClaims(decodedJWT, privateClaims, options) || !verifyHeader(decodedJWT, options)) {
146+
return false;
147+
}
148+
}
115149
String algorithm = decodedJWT.getAlgorithm();
116150
JWTAlgorithm alg = JWTAlgorithm.getJWTAlgorithm(algorithm, this.error);
117151
if (this.hasError()) {
@@ -146,7 +180,7 @@ public boolean doVerify(String token, String expectedAlgorithm, PrivateClaims pr
146180
}
147181
}
148182
Verification verification = JWT.require(algorithmType);
149-
verification = buildVerification(verification, options);
183+
verification = buildVerification(verification, options, verifyRegClaims);
150184
if (this.hasError()) {
151185
return false;
152186
}
@@ -165,21 +199,6 @@ public boolean doVerify(String token, String expectedAlgorithm, PrivateClaims pr
165199

166200
}
167201

168-
public String getPayload(String token) {
169-
return getTokenPart(token, "payload");
170-
171-
}
172-
173-
public String getHeader(String token) {
174-
return getTokenPart(token, "header");
175-
}
176-
177-
public String getTokenID(String token) {
178-
return getTokenPart(token, "id");
179-
}
180-
181-
/******** EXTERNAL OBJECT PUBLIC METHODS - END ********/
182-
183202
private String getTokenPart(String token, String part) {
184203
DecodedJWT decodedToken = JWT.decode(token);
185204
String base64Part = "";
@@ -211,8 +230,11 @@ private boolean isRevoqued(DecodedJWT decodedJWT, JWTOptions options) {
211230
return rList.isInRevocationList(decodedJWT.getId());
212231
}
213232

214-
private Verification buildVerification(Verification verification, JWTOptions options) {
233+
private Verification buildVerification(Verification verification, JWTOptions options, boolean verifyClaims) {
215234
// Adding registered claims
235+
if (!verifyClaims) {
236+
return verification;
237+
}
216238
if (options.hasRegisteredClaims()) {
217239
RegisteredClaims registeredClaims = options.getAllRegisteredClaims();
218240
List<Claim> registeredC = registeredClaims.getAllClaims();
@@ -398,8 +420,7 @@ private boolean verifyHeader(DecodedJWT decodedJWT, JWTOptions options) {
398420
if (parameters.isEmpty() && claimsNumber == 2) {
399421
return true;
400422
}
401-
if(parameters.isEmpty() && claimsNumber > 2)
402-
{
423+
if (parameters.isEmpty() && claimsNumber > 2) {
403424
return false;
404425
}
405426
List<String> allParms = parameters.getAll();

0 commit comments

Comments
 (0)