Hi Gayan FYI I was able to validate the APIM JWT signature with java.security.* classes.
Thanks On Thu, Dec 11, 2014 at 11:48 PM, Gayan Gunawardana <[email protected]> wrote: > Hi All, > > In JWT token generator [1] use low level JWT building and signing process > which makes bit difficult to validate signature in client side. But in [2] > we use nimbus [3] to generate and sign OpenID connect ID token. Shall we > change JWT generator in [1] to use nimbus library ? > Nimbus provides very comprehensive option to generate JWT and validate > signature in client side. > > [1] > https://github.com/wso2-dev/carbon-identity/blob/master/components/identity/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/authcontext/JWTTokenGenerator.java > > [2] > https://github.com/wso2-dev/carbon-identity/blob/master/components/identity/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/DefaultIDTokenBuilder.java > > [3]http://connect2id.com/products/nimbus-jose-jwt > -- > Gayan Gunawardana > Software Engineer; WSO2 Inc.; http://wso2.com/ > Email: [email protected] > Mobile: +94 (71) 8020933 > -- *Susinda Perera* Software Engineer Mobile:(+94)716049075 WSO2 Inc. http://wso2.com/ Tel : 94 11 214 5345 Fax :94 11 2145300
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
