make JwtJson4s.parseClaim, JwtJson4s.parseHeader publicly accessible
See original GitHub issueHi,
I am not able to use JwtJson4s.decode()
without first getting the publicKey (since my signature is always non-empty). But in order to get the publicKey, my specific approach to using JWT involves looking up the publicKey from a database using the so-called kid header claim.
So, the process is:
- decode the claims
- check if the claims are expired (if not continue)
- decode the header
- get the
kid
from the decoded header - select the corresponding publicKey from the database based on the
kid
- using the publicKey, validate
This means I ended up copying and pasting the parse
boilerplate of these protected methods, that way I didn’t need any key
to decode the claims:
val parts = token.split("\\.")
val claims = JwtJson4s.readClaim(parse(JwtBase64.decodeString(parts(1))))
val keyId = extractString(parse(JwtBase64.decodeString(parts(0))), "kid").get
Would it be alright to make those methods publicly accessible for this fairly common use case? Or, could there be a decodeAll
method that did not perform validate?
Here is the boilerplate used above that it would help to avoid:
protected def parse(value: String): JObject = jparse(value) match {
case res: JObject => res
case _ => throw new RuntimeException(s"Couldn't parse [$value] to a JObject")
}
private def extractString(json: JObject, fieldName: String): Option[String] = (json \ fieldName) match {
case JString(value) => Option(value)
case JNull => None
case JNothing => None
case _ => throw new JwtNonStringException(fieldName)
}
Issue Analytics
- State:
- Created 6 years ago
- Comments:6 (2 by maintainers)
Top Results From Across the Web
JWT Scala: Json4s
libraryDependencies += "com.github.jwt-scala" %% "jwt-json4s-native" % "9.1.2" ... val token = JwtJson4s.encode(claim, key, algo) // token: String ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Sure, I can do that. I don’t think the error is related to the project itself btw.
Done in 0.16.0