Hi, You can find some code related to decoding and verifying the JWT at [1]. It uses PKI for verifying. [2] contains some code to verify using shared keys as per HMAC profile. You may be able to combine both and get what you want. However both of them have lot of manual steps to decode and verify signature. [3] is a good library to get the same done.
[1] https://svn.wso2.org/repos/wso2/people/johann/JWTGeneratorTester/src/main/java/JWTGeneratorTester.java [2] https://svn.wso2.org/repos/wso2/people/johann/SignatureVerificationHandler/src/main/java/org/wso2/carbon/apimgt/gateway/verifier/SignatureVerificationHandler.java [3] http://connect2id.com/products/nimbus-jose-jwt Thanks, Johann. On Sat, Jul 12, 2014 at 4:00 PM, Rushmin Fernando <[email protected]> wrote: > $subject please > > -- > *Rushmin Fernando* > *Technical Lead* > > WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware > > email : [email protected] > mobile : +94772310855 > > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Thanks & Regards, *Johann Dilantha Nallathamby* Associate Technical Lead & Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
