0

I am novice to Azure, JWT, Microsoft Identity Platform.

I need to decrypt a JWT token and validate that the token was generated from Azure and not manually created in my plain old Java code.

I have went through the Microsoft docs but none of them talk about technical implementation. I seriously and pretty badly need help.

Thank you in advance.

Sharmi
  • 79
  • 1
  • 1
  • 10

1 Answers1

1

If you want to validate Azure AD token, if you want to validate Azure AD access token, we can try to use the sdk java-jwt and jwks-rsa to implement it.

For example

  1. Install sdk
<dependency>
    <groupId>com.auth0</groupId>
    <artifactId>java-jwt</artifactId>
    <version>3.10.3</version>
</dependency>
<dependency>
    <groupId>com.auth0</groupId>
    <artifactId>jwks-rsa</artifactId>
    <version>0.11.0</version>
</dependency>
  1. Code
// validate signature 
String token="<your AD token>";
  DecodedJWT jwt = JWT.decode(token);
  System.out.println(jwt.getKeyId());

  JwkProvider provider = null;
  Jwk jwk =null;
  Algorithm algorithm=null;

  try {
      provider = new UrlJwkProvider(new URL("https://login.microsoftonline.com/common/discovery/v2.0/keys"));
      jwk = provider.get(jwt.getKeyId());
      algorithm = Algorithm.RSA256((RSAPublicKey) jwk.getPublicKey(), null);
      algorithm.verify(jwt);// if the token signature is invalid, the method will throw SignatureVerificationException
  } catch (MalformedURLException e) {
      e.printStackTrace();
  } catch (JwkException e) {
      e.printStackTrace();
  }catch(SignatureVerificationException e){

     System.out.println(e.getMessage());

  }

// get claims
String token="<your AD token>";
DecodedJWT jwt = JWT.decode(token);
Map<String, Claim> claims = jwt.getClaims();    //Key is the Claim name
Claim claim = claims.get("<>");
Jim Xu
  • 21,610
  • 2
  • 19
  • 39