Skip to content
Snippets Groups Projects
Commit 84583f2a authored by David Schwarzmann's avatar David Schwarzmann
Browse files

refactor(example): Ensure in the example that we only allow PS512 keys

parent 5456add2
No related branches found
No related tags found
1 merge request!3docs(event-log): Start documenting the event log and interaction with signed JWTs
Hide whitespace changes
Inline Side-by-side
docs/getting-started/event-log.md
+ 5
0
View file @ 84583f2a
......@@ -214,6 +214,11 @@ static final ZUSTELLDIENST_BASE_URL = "https://zustelldienst.example.com";
boolean verifySignature(SignedJWT securityEventToken, String keyId) {
JWKSet jwks = JWKSet.load(ZUSTELLDIENST_BASE_URL + "/.well-known/jwks.json");
JWK publicKey = jwks.getKeyByKeyId(keyId)
if (publicKey.getAlgorithm() != JWSAlgorithm.PS512) {
throw new RuntimeException("The key specified for signature verification doesn't use/specify PS512 as algorithm.")
}
JWSVerifier jwsVerifier = new RSASSAVerifier(publicKey.toRSAKey());
return signedJWT.verify(jwsVerifier);
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment