JWS
JWS is one these types:
JWSJWT
JWS Functions
| getHeader | JWS.getHeader( ) | Return the JWS header for the JWS |
| getPayload | JWS.getPayload( ) | Return payload as a string. |
| getSignature | JWS.getSignature( ) | Return the signature for the JWS or JWT |
| isSigned | JWS.isSigned( ) | Return true if the specified JWT compact string represents a signed JWS, false otherwise. |
| verifyFileJWKSet | JWS.verifyFileJWKSet( filename ) | The public RSA keys to validate the signatures will be sourced from the OAuth 2.0 server's JWK set, published at a well-known URL |
| verifyFromKeyStore | JWS.verifyFromKeyStore( keystore , password ) | Validates the signature using a specified KeyStore location and password. |
| verifyHMAC | JWS.verifyHMAC( secret ) | Verify HMAC signature with a specified SecretKey |
| verifyInputStreamJWKSet | JWS.verifyInputStreamJWKSet( is ) | The public RSA keys to validate the signatures will be sourced from the OAuth 2.0 server's JWK set, published at a well-known URL |
| verifyPublicKey | JWS.verifyPublicKey( publickKey ) | Verify RSA signature with a specified PublicKey |
| verifyRemoteJWKSet | JWS.verifyRemoteJWKSet( url ) | Verify the signature using the OAuth 2.0 server's JSON Web Key Set (JWKS) endpoint. |
JWSrepresents a parsed JWS (JSON Web Signature) Object.A JWS consists of three sections:
Header
The header consist of two parts:
- declaring the type, which is JWT
- the hashing algorithm used, e.g HMAC SHA256
An example header:{ "type": "JWT", "alg": "HS256" }Payload
The payload contains the data for the JWS.This can be any string representation or JSON formatted string
An example payload:
{ "iss": "ebasetech.com", "exp": 1300819380, "name": "John Doe", "admin": true }Signature The third and final part of our JSON Web Token is going to be the signature. The signature is omitted if the algorithm in the header is set to none. The signature is created by signing the concatenated base64Encoded header and payload:
Example of a HS256 signature: