How to Decode API tokens with a decryption key using JWT

How can I decode an API token generated by the sender with the HS512 algorithm and a decryption key, e.g. KKHjkgfubfjgdhfg$C&F)J@NcQfTjWnZr4u7x!A%D*G-kjfsjdj&hfs99nvk/B?E

The following is the example in Java:

    import io.jsonwebtoken.ExpiredJwtException;
    import io.jsonwebtoken.Jwts;
    import io.jsonwebtoken.SignatureAlgorithm;
    import io.jsonwebtoken.SignatureException;
    import java.security.Key;
    import javax.crypto.spec.SecretKeySpec;
    import javax.xml.bind.DatatypeConverter;
    import org.springframework.util.Assert;

    public class JWTUtil {
        /**
         * Parse the JWT body using the given signing key.
         * @param key signing key (base64-encoded)
         * @param signAlgorithm HMAC algorithm the sender used (e.g. HS512)
         * @param jwt token
         * @return payload (claims)
         * @throws ExpiredJwtException if the JWT expiration time is exceeded
         * @throws SignatureException if signature verification failed
         */
        public static Object getJWTBody(String key, SignatureAlgorithm signAlgorithm, String jwt)
                throws ExpiredJwtException, SignatureException {
            Assert.hasText(key, "Encryption key should not be null or empty");
            // The configured secret is base64-decoded before it is used as the HMAC key
            byte[] encryptionKeyBytes = DatatypeConverter.parseBase64Binary(key);
            // SecretKeySpec expects the JCA algorithm name (e.g. "HmacSHA512"), not the jjwt enum
            Key signingKey = new SecretKeySpec(encryptionKeyBytes, signAlgorithm.getJcaName());
            // parseClaimsJws verifies the signature and expiry before returning the claims
            return Jwts.parser()
                    .setSigningKey(signingKey)
                    .parseClaimsJws(jwt)
                    .getBody();
        }
    }

So far I have only managed to create a plug that extracts the token from the connection:

    defmodule MyAppWeb.Plug.ValidateToken do
      @behaviour Plug
      import Plug.Conn
      import MyMapp.Security.JwtToken

      alias MyApp.Notification.GlobalMessages, as: Message
      alias MyAppWeb.SessionController, as: Callback

      def init(default), do: default

      def call(conn, _default) do
        # Read the header once and pattern-match on it instead of
        # testing for [] and then reading it a second time
        case get_req_header(conn, "authorisation") do
          [auth_token] ->
            IO.inspect(auth_token)
            # token verification code goes here
            conn

          _ ->
            conn
            |> Callback.respond(Message.message_auth_token_header_not_set?(), :unauthorized)
            |> halt()
        end
      end
    end

How can I decode it?

Check out Joken. I haven't used this myself, but we did use an underlying library (JOSE for JWTs).

Looks like Joken would provide you with a simpler API to interact with JWTs. You'd have to create a Joken.Signer struct and then call Joken.verify/3, which will return your claims as a map if successful.

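As an added example that is not part of the thread (not the original poster's plug, and not code from the Joken project), here is the verification step the reply describes, wired into a plug: build a Joken.Signer pinned to HS512 from the shared secret, then verify the signature and the standard time claims (exp, nbf, iat) before trusting anything in the payload. It assumes Joken 2.x is in the deps, that the secret is configured under the hypothetical key `:my_app, :jwt_secret`, and that clients send the standard `authorization: Bearer <token>` header (the poster's code reads a header named "authorisation"; use whichever name the client actually sends). The `demo/0` function signs a token locally and shows verification succeeding with the right key and failing with a wrong one.

```elixir
defmodule MyAppWeb.Plug.ValidateToken do
  @moduledoc """
  Added example: verify an HS512-signed JWT with Joken inside a plug.
  Assumes Joken 2.x and a secret under config :my_app, :jwt_secret (hypothetical key).
  """
  @behaviour Plug
  import Plug.Conn

  def init(opts), do: opts

  def call(conn, _opts) do
    with [header] <- get_req_header(conn, "authorization"),
         {:ok, token} <- strip_bearer(header),
         {:ok, claims} <- verify(token) do
      # Only claims that passed signature and time-claim validation reach the app
      assign(conn, :jwt_claims, claims)
    else
      # Missing header, wrong scheme, bad signature or expired token all end here
      _ -> conn |> send_resp(401, "unauthorized") |> halt()
    end
  end

  # Accept only the Bearer scheme; anything else is rejected
  defp strip_bearer("Bearer " <> token), do: {:ok, token}
  defp strip_bearer(_), do: {:error, :bad_scheme}

  @doc "Verify a compact JWT with the configured secret; returns {:ok, claims} or {:error, reason}."
  def verify(token, secret \\ Application.fetch_env!(:my_app, :jwt_secret)) do
    # Joken.Signer.create pins the algorithm: a token whose header says
    # "alg": "none" or "HS256" is rejected instead of being verified with the HS512 key.
    #
    # The key bytes must match what the sender used. The posted Java sample
    # base64-decodes its configured string first; if the sender does that,
    # pass Base.decode64!(secret) here instead of the raw string.
    signer = Joken.Signer.create("HS512", secret)

    # default_claims/0 adds validations for exp, nbf and iat, so an expired
    # token fails here rather than only having a valid signature
    Joken.verify_and_validate(Joken.Config.default_claims(), token, signer)
  end

  @doc "Local round trip: sign with a constructed secret, then verify with the right and a wrong key."
  def demo do
    # Constructed secret for the demo only; never hard-code a real one
    secret = "demo-secret-do-not-use-in-production-0123456789"
    signer = Joken.Signer.create("HS512", secret)

    {:ok, token, _claims} =
      Joken.generate_and_sign(Joken.Config.default_claims(), %{"sub" => "user-42"}, signer)

    {:ok, %{"sub" => "user-42"}} = verify(token, secret)
    {:error, _reason} = verify(token, "a-different-secret-of-similar-length-9876543210")
    :ok
  end
end
```

In a Phoenix router the plug goes into the pipeline that guards the protected routes (`plug MyAppWeb.Plug.ValidateToken`), and downstream controllers read `conn.assigns.jwt_claims`. Returning `{:error, reason}` from `verify/2` rather than raising keeps the failure path uniform; log the reason server-side, but do not echo it to the client, since distinguishing "bad signature" from "expired" gives an attacker feedback for free.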