Versions Compared

Old Version 43

changes.mady.by.user Sergey Beryozkin

Saved on

compared with

New Version 44

changes.mady.by.user Sergey Beryozkin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Both JWS JSON and JWS Compact support 'b64' property for the detached and embedded payloads.

In CXF you can apply this option to both JWS Compact (only for detached payloads at the momentembedded payloads - from CXF 3.1.7) and JWS JSON sequences, here is a JWS JSON code fragment:

...

Code Block
languagejava
titleJWS JSON Unencoded
JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_JSON_DOCUMENT, true);
JwsHeaders headers = new JwsHeaders(SignatureAlgorithm.HS256);
headers.setPayloadEncodingStatus(false);
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, SignatureAlgorithm.HS256),
                  headers);

Note that JWS Compact uses a '.' as a separator between its 3 parts. JWS with Unencoded Payload recommends that it is the application's responsibility to deal with the unencoded payloads which may have '.' characters. Similarly, JWS JSON unencoded payloads with double quotes will need to be taken care of by the application. 

JWE Encryption

JWE (JSON Web Encryption) document describes how a document content, and, when applicable, a content encryption key, can be encrypted. For example, Appendix A1 shows how the content can be encrypted with a secret key using AesGcm with the actual content encryption key being encrypted using RSA-OAEP.

...

The above code shows a client proxy code but WebClient can be created instead. The server is configured here. The client can be configured in Spring/Blueprint too.

Starting from CXF 3.1.7 it is also possible to produce JWS Compact sequences with the unencoded payload (See JWS With Clear Payload above for restrictions).

Here is an example of a plain text "book" being HS256-signed, converted into JWS Compact and POSTed to the target service:

No Format
Address: https://localhost:9001/jwsjwkhmac/bookstore/books
Http-Method: POST
Content-Type: application/jose
Payload: eyJhbGciOiJIUzI1NiIsImN0eSI6InRleHQvcGxhaW4iLCJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdfQ.
         book.
         fM7O2IVO3NsQeTGrFiMeLf_TKTsMSqnqmjnK40PwQ88

Note that a 2nd part, "book", is not Base64Url encoded.

JwsJsonWriterInterceptor creates JWS JSON sequences on the client or server out directions. 

...