How to use io.jsonwebtoken lib to validate a Google id_token

Asked Nov 09 '20 at 20:47

Active Nov 10 '20 at 17:12

Viewed 282 times

We are trying to validate an id_token from Google in a service. I am trying to use the io.jsonwebtoken Java API (https://github.com/jwtk). Additionally the JWKS are here: https://www.googleapis.com/oauth2/v3/certs

I won't paste the JWKS here, but I understand that the "e" value is the exponent and that the "n" value is the modulus and that the "kid" is the key id to match in the payload. Also, the "alg" is the key's signing algorithm.

I can base 64 decode the header and payload, but I do not understand how to use the JWKS to validate the id_token.

This should be easy, but I cannot seem to find out how. Has anyone done this? Can I use the "io.jsonwebtoken" API to check the id_token?

edited Nov 10 '20 at 17:12

asked Nov 09 '20 at 20:47

kgwrocks

get the `KID` from the header, read the matching JWK from the JWKS, [transform the JWK modulus and exponent (`n` and `e`) to a public key](https://stackoverflow.com/questions/44639891/verifying-jwt-signature-using-public-key-endpoint) and use that key to verify the token. – jps Nov 10 '20 at 07:42
thanks so much - worked great – kgwrocks Nov 10 '20 at 20:19

How to use io.jsonwebtoken lib to validate a Google id_token

0 Answers0