honeymoose
/
jjwt
mirror of https://github.com/jwtk/jjwt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into jwt-builder-claims-convenience-methods

This commit is contained in:
Les Hazlewood 2014-09-26 17:47:37 -07:00
parent 4f64231600 bc4ee78c26
commit 99cdf07fab
1 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -11,7 +11,6 @@ JJWT is a 'clean room' implementation based solely on the [JWT](https://tools.ie
Use your favorite Maven-compatible build tool to pull the dependency (and its transitive dependencies) from Maven Central: Use your favorite Maven-compatible build tool to pull the dependency (and its transitive dependencies) from Maven Central:
```xml ```xml
<dependency> <dependency>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId> <artifactId>jjwt</artifactId>
@ -19,6 +18,8 @@ Use your favorite Maven-compatible build tool to pull the dependency (and its tr
</dependency> </dependency>
``` ```
Note: JJWT depends on Jackson 2.x. If you're already using an older version of Jackson in your app, [read this](#olderJackson)
## Usage ## Usage
Most complexity is hidden behind convenient and readable Builder chaining calls. Here's an example: Most complexity is hidden behind convenient and readable Builder chaining calls. Here's an example:
@ -34,7 +35,7 @@ random.nextBytes(key);
Claims claims = Jwts.claims().setIssuer("Me").setSubject("Joe"); Claims claims = Jwts.claims().setIssuer("Me").setSubject("Joe");
String jwt = Jwts.builder().setClaims(claims).signWith(HS256, key).compact(); String compactJwt = Jwts.builder().setClaims(claims).signWith(HS256, key).compact();
``` ```
How easy was that!? How easy was that!?
@ -42,9 +43,9 @@ How easy was that!?
Now let's verify the JWT (you should always discard JWTs that don't match an expected signature): Now let's verify the JWT (you should always discard JWTs that don't match an expected signature):
```java ```java
Token token = Jwts.parser().setSigningKey(key).parse(jwt); Jwt jwt = Jwts.parser().setSigningKey(key).parse(compactJwt);
assert token.getClaims().getSubject().equals("Joe"); assert jwt.getClaims().getSubject().equals("Joe");
``` ```
You have to love one-line code snippets in Java! You have to love one-line code snippets in Java!
@ -54,7 +55,7 @@ But what if signature validation failed? You can catch `SignatureException` and
```java ```java
try { try {
Jwts.parser().setSigningKey(key).parse(jwt); Jwts.parser().setSigningKey(key).parse(compactJwt);
//OK, we can trust this JWT //OK, we can trust this JWT
@ -86,3 +87,16 @@ try {
* JWE (Encryption for JWT) * JWE (Encryption for JWT)
These feature sets will be implemented in a future release when possible. Community contributions are welcome! These feature sets will be implemented in a future release when possible. Community contributions are welcome!
<a name="olderJackson"></a>
#### Already using an older Jackson dependency?
JJWT depends on Jackson 2.4.x (or later). If you are already using a Jackson version in your own application less than 2.x, for example 1.9.x, you will likely see [runtime errors](https://github.com/jwtk/jjwt/issues/1). To avoid this, you should change your project build configuration to explicitly point to a 2.x version of Jackson. For example:
```xml
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.4.2</version>
</dependency>
```