package com.packt.example.jweresource.oauth.jwt; import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectReader; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; import com.nimbusds.jose.JWEHeader; import com.nimbusds.jose.JWEObject; import com.nimbusds.jose.Payload; import com.nimbusds.jose.crypto.AESDecrypter; import com.nimbusds.jose.crypto.AESEncrypter; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import java.util.Base64; import java.util.Map; public class JweTokenSerializer { private String encodedKeypair; public JweTokenSerializer(String encodedKeypair) { this.encodedKeypair = encodedKeypair; } public String encode(String payload) { JWEAlgorithm alg = JWEAlgorithm.A128KW; EncryptionMethod encryptionMethod = EncryptionMethod.A128GCM; try { byte[] decodedKey = Base64.getDecoder().decode(encodedKeypair); SecretKey key = new SecretKeySpec(decodedKey, 0, decodedKey.length, "AES"); JWEObject jwe = new JWEObject( new JWEHeader(alg, encryptionMethod), new Payload(payload)); jwe.encrypt(new AESEncrypter(key)); return jwe.serialize(); } catch (Exception e) { throw new RuntimeException(e); } } public Map<String, Object> decode(String base64EncodedKey, String content) { try { byte[] decodedKey = Base64.getDecoder().decode(base64EncodedKey); SecretKey key = new SecretKeySpec(decodedKey, 0, decodedKey.length, "AES"); JWEObject jwe = JWEObject.parse(content); jwe.decrypt(new AESDecrypter(key)); ObjectMapper objectMapper = new ObjectMapper(); ObjectReader reader = objectMapper.readerFor(Map.class); return reader.with(DeserializationFeature.USE_LONG_FOR_INTS) .readValue(jwe.getPayload().toString()); } catch (Exception e) { throw new RuntimeException(e); } } }