Hi, Have a look at extractAppIdFromIdToken funtion of [1]
[1] https://github.com/apache/stratos/blob/master/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java On Thu, Jan 14, 2016 at 3:07 PM, Godwin Shrimal <god...@wso2.com> wrote: > Hi Pramod, > > You can use Signature class to verify signature. Please see below code > snippet. > > java.security.Signature signature = > java.security.Signature.getInstance("SHA1withRSA"); > signature.initVerify(publicKey); > signature.verify(signature) > > Thanks > Godwin > > > > On Thu, Jan 14, 2016 at 2:51 PM, Pramod Thakur <sendpra...@gmail.com> > wrote: > >> Hi Godwin, >> >> Thanks for the reply, >> >> Then how can I validate the jwt token that is generated by the wso2 in >> the client. >> >> I need to validate the signature of jwt token generated by Wso2 using the >> public key. >> >> >> >> >> >> On Thu, Jan 14, 2016 at 2:39 PM, Godwin Shrimal <god...@wso2.com> wrote: >> >>> Hi Pramod, >>> >>> We keep only supper tenant keystore in the physical file system and >>> tenant keystores stores in registry. You can get the public certificate for >>> the specific tenant using KeyStoreManager class. Please see below code >>> snippet. >>> >>> KeyStoreManager.getInstance(tenantId).getDefaultPublicKey() >>> >>> >>> Thanks >>> Godwin >>> >>> >>> On Thu, Jan 14, 2016 at 1:20 PM, Harshan Liyanage <hars...@wso2.com> >>> wrote: >>> >>>> Hi Pramod, >>>> >>>> We are storing the public certificate file in wso2carbon.jks keystore. >>>> You can find it in <PRODUCT_HOME>/repository/resources/security directory. >>>> Refer to [1] for obtaining the certificate. For example you can use the >>>> following command to get the public certificate. Keystore password will be >>>> wso2carbon. >>>> >>>> keytool -export -keystore wso2carbon.jks -alias wso2carbon -file >>>> public_cert.cer >>>> >>>> [1]. >>>> https://docs.oracle.com/javase/tutorial/security/toolsign/step5.html >>>> [2]. https://docs.wso2.com/display/Carbon420/Keystores >>>> >>>> Thanks, >>>> >>>> Harshan Liyanage >>>> Software Engineer >>>> Mobile: *+94724423048* >>>> Email: hars...@wso2.com >>>> Blog : http://harshanliyanage.blogspot.com/ >>>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>>> lean.enterprise.middleware. >>>> >>>> On Thu, Jan 14, 2016 at 1:02 PM, Pramod Thakur <sendpra...@gmail.com> >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> How can I get public key certificate to validate JWT token signature >>>>> in wso2 Api Manager for tenant. >>>>> >>>>> The problem I am facing is,I couldn't get the public certificate in >>>>> the physical directory but wso2 is managing to sign the token, I couldn't >>>>> get how. >>>>> >>>>> On Thu, Jan 14, 2016 at 12:57 PM, Pramod Thakur <sendpra...@gmail.com> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> How can I get public key certificate to validate JWT token in wso2 >>>>>> Api Manager for tenant in the client endpoint. >>>>>> >>>>>> The problem i am facing is, i couldn't get the public certificate in >>>>>> the physical directory but wso2 is managing to sign the token, i couldn't >>>>>> get how. >>>>>> >>>>>> >>>>>> -- >>>>>> * Regards* >>>>>> * Pramod Thakur* >>>>>> * 9980422825* >>>>>> * Thank you.* >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> * Regards* >>>>> * Pramod Thakur* >>>>> * 9980422825* >>>>> * Thank you.* >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> *Godwin Amila Shrimal* >>> Senior Software Engineer >>> WSO2 Inc.; http://wso2.com >>> lean.enterprise.middleware >>> >>> mobile: *+94772264165* >>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>> twitter: https://twitter.com/godwinamila >>> >> >> >> >> -- >> * Regards* >> * Pramod Thakur* >> * 9980422825* >> * Thank you.* >> >> >> >> >> >> > > > -- > *Godwin Amila Shrimal* > Senior Software Engineer > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: *+94772264165* > linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* > twitter: https://twitter.com/godwinamila > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Udara Liyanage Software Engineer WSO2, Inc.: http://wso2.com lean. enterprise. middleware web: http://udaraliyanage.wordpress.com phone: +94 71 443 6897
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev