Skip to content
This repository has been archived by the owner on Dec 6, 2020. It is now read-only.

righettod/poc-jwt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits

.idea

.idea

 
 

src/main

src/main

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

README.md

README.md

 
 

article.wiki

article.wiki

 
 

demo1.png

demo1.png

 
 

demo2.png

demo2.png

 
 

demo3.png

demo3.png

 
 

demo4.png

demo4.png

 
 

demo5.png

demo5.png

 
 

demo6.png

demo6.png

 
 

poc-jwt.iml

poc-jwt.iml

 
 

pom.xml

pom.xml

 
 

Repository files navigation

Introduction

It's the code repository of the OWASP cheatsheet JSON Web Token (JWT) Cheat Sheet for Java.

A web page propose the creation, validation and revocation of the token, see the image below:

Get a token:

Demo1

Token stored in browser session storage:

Demo2

Associated user fingerprint hardened cookie issued to tackle token sidejacking:

Demo3

Verification of the token:

Demo4

Revocation of the token (logout):

Demo5

Verification of the token indicating that the token has been revoked and is not valid anymore:

Demo5

All classes are fully documented.

The project was developed with JAX-RS + Maven under IntelliJ IDEA Community Edition.

Build status

Build Status

Build or Run

You can also use the Run Application running configuration from Intellij project.

Run the following command to create a WAR archive:

mvn clean package

Run the following command to run the prototype (application will be available on https://localhost:8443):

mvn tomcat7:run-war

About

POC about usage of JSON Web Tokens (JWT) in a secure way.

www.owasp.org/index.php/JSON_Web_Token_(JWT)_Cheat_Sheet_for_Java

Topics

java jwt owasp

Resources

Readme
Activity

Stars

26 stars

Watchers

3 watching

Forks

12 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages