Validating access token signature in java

195 views
Skip to first unread message

nitanshu sharma

unread,
Feb 22, 2022, 12:05:56 AM2/22/22
to Keycloak User
I'm trying to validate the signature of access token of a realm by below function
but I'm getting an error
com.auth0.jwk.NetworkException: Cannot obtain jwks from url https://{keycloak url}/auth/realms/CMMC5//protocol/openid-connect/certs/.well-known/jwks.json  

private void verifySignature(DecodedJWT decodedJWT) { JsonObject payloadAsJson = decodeTokenPayloadToJsonObject(decodedJWT); String iss=payloadAsJson.get("iss").getAsString(); System.out.println("iss"+iss); JwkProvider provider = new UrlJwkProvider(iss);//+"/protocol/openid-connect/certs"); System.out.println("provider"+provider); Jwk jwk = provider.get(decodedJWT.getKeyId()); System.out.println("jwk"+jwk); Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) jwk.getPublicKey(), null); algorithm.verify(decodedJWT); }
Please help me to resolve this issue.
Reply all
Reply to author
Forward
0 new messages