Java jwt jar example

Edward 142 Published: 11/10/2024

Java jwt jar example

Here is an example of using the JWT (JSON Web Token) library in a Maven project with Java:

Step 1: Add the JWT dependency

Add the following dependency to your pom.xml file:



io.jsonwebtoken


jjwt


0.9.0

Step 2: Create a JWT issuer

Create an instance of Jwts to generate the JWT:

import io.jsonwebtoken.Jwts;

import io.jsonwebtoken.SignatureAlgorithm;


public class JwtIssuer {


public static String issueToken(String subject, String audience, long expirationTime) {


Date expirationDate = new Date(System.currentTimeMillis() + expirationTime);


return Jwts.builder()


.setSubject(subject)


.setAudience(audience)


.setExpiration(expirationDate)


.signWith(SignatureAlgorithm.HS256, "your-secret-key")


.compact();


}


}

Step 3: Create a JWT verifier

Create an instance of Jwts to verify the JWT:

import io.jsonwebtoken.Jwts;

public class JwtVerifier {


public static boolean verifyToken(String token) {


try {


Jws claims = Jwts.parser().setSigningKey("your-secret-key").parseClaimsJws(token);


return true;


} catch (Exception e) {


return false;


}


}


}

Step 4: Use the JWT in your application

In a typical use case, you would generate a JWT when a user logs in to your application:

public class LoginController {

public String login(String username, String password) {


// Authenticate the user


if (authenticated) {


return JwtIssuer.issueToken(username, "your-audience", 3600000); // 1 hour expiration


} else {


return "Invalid credentials";


}


}


}

And then verify the JWT in subsequent requests:

public class SecuredController {

public void securedMethod(String token) {


if (JwtVerifier.verifyToken(token)) {


// User is authenticated, proceed with the request


} else {


// Token is invalid or expired, deny access


}


}


}

Jar file example

Here's an example of how you can create a JAR file for your JWT library:

Compile your Java code using mvn compile and mvn package. Create a new directory to hold the JAR file. Use jar command to create the JAR file: 
jar cvf jwt-jar.jar classes/io/jsonwebtoken/*.class

This will create a jwt-jar.jar file in your current working directory.

You can then add this JAR file as a dependency in another project's pom.xml file using the following syntax:



com.example


jwt-jar


1.0


jar

I hope this helps! Let me know if you have any further questions or concerns.

How to generate JWT token in Java Spring Boot

I'm happy to respond in English this time!

Generating a JSON Web Token (JWT) in Java Spring Boot involves several steps, which I'll outline below. We'll use the popular library jjwt for encoding and decoding JWTs.

Step 1: Add dependencies

In your pom.xml file (if you're using Maven) or build.gradle file (if you're using Gradle), add the following dependencies:

Maven:



io.jsonwebtoken


jjwt


0.9.0

Gradle:

dependencies {

implementation 'io.jsonwebtoken:jjwt:0.9.0'


}

Step 2: Create a JWT claims generator

Create a Java class that generates the JWT claims (e.g., user ID, username, email). For example:

public class JwtClaimsGenerator {

public static Map<String, Object> generateJwtClaims(User user) {


Map<String, Object> claims = new HashMap<>();


claims.put("user_id", user.getId());


claims.put("username", user.getUsername());


claims.put("email", user.getEmail());


return claims;


}


}

Step 3: Generate the JWT

Create a Java class that generates the JWT token using the jjwt library:

import io.jsonwebtoken.Jwts;

import io.jsonwebtoken.SignatureAlgorithm;


public class JwtGenerator {


private static final String SECRET_KEY = "your-secret-key";


private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256;


public static String generateJwtToken(User user) {


Map<String, Object> claims = JwtClaimsGenerator.generateJwtClaims(user);


return Jwts.builder()


.setClaims(claims)


.signWith(SIGNATURE_ALGORITHM, SECRET_KEY)


.compact();


}


}

Step 4: Verify the JWT

Create a Java class that verifies the JWT token using the jjwt library:

import io.jsonwebtoken.Jwts;

import io.jsonwebtoken.MalformedJwtException;


import io.jsonwebtoken.SignatureAlgorithm;


public class JwtVerifier {


private static final String SECRET_KEY = "your-secret-key";


private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256;


public static boolean verifyJwtToken(String jwtToken, User user) {


try {


Jwts.parser().setSigningKey(SECRET_KEY)


.requireExpirationTime()


.validate(jwtToken);


// JWT is valid, you can now access the claims


Map<String, Object> claims = Jwts.parser().setSigningKey(SECRET_KEY).parseClaimsJws(jwtToken).getBody();


// Check if the user matches the one in the claim


return user.getId() == (Long) claims.get("user_id");


} catch (MalformedJwtException | UnsupportedJwtException e) {


// JWT is invalid or malformed, handle the error


return false;


}


}


}

In this example, we use the SECRET_KEY to sign the JWT and verify it. You should replace your-secret-key with your own secret key.

Step 5: Use the JWT in your Spring Boot application

Integrate the JWT generator and verifier classes into your Spring Boot application's security configuration or services. For example, you can use the JWT token as an authentication mechanism for API endpoints.

This is a basic example of how to generate a JSON Web Token (JWT) in Java Spring Boot using the jjwt library. You may need to customize it according to your specific requirements and security constraints.

Remember, always keep your secret key secure!

Related Articles