Post not yet marked as solved
https://developer.apple.com/documentation/signinwithapplerestapi/fetch_apple_s_public_key_for_verifying_token_signaturewhere i can user the public key?
Post not yet marked as solved
I want to verify the id token.but when use the public key ,the exception happenedSignature length not correct: got 256 but was expecting 342This is my code:@Test
public void parseToken() throws InvalidKeySpecException, NoSuchAlgorithmException, InvalidKeyException {
String key = "lxrwmuYSAsTfn-lUu4goZSXBD9ackM9OJuwUVQHmbZo6GW4Fu_auUdN5zI7Y1dEDfgt7m7QXWbHuMD01HLnD4eRtY-RNwCWdjNfEaY_esUPY3OVMrNDI15Ns13xspWS3q-13kdGv9jHI28P87RvMpjz_JCpQ5IM44oSyRnYtVJO-320SB8E2Bw92pmrenbp67KRUzTEVfGU4-obP5RZ09OxvCr1io4KJvEOjDJuuoClF66AT72WymtoMdwzUmhINjR0XSqK6H0MdWsjw7ysyd_JhmqX5CAaT9Pgi0J8lU_pcl215oANqjy7Ob-VMhug9eGyxAWVfu_1u6QJKePlE-w";
String e = "AQAB";
String idToken = "eyJraWQiOiJBSURPUEsxIiwiYWxnIjoiUlMyNTYifQ.eyJpc3MiOiJodHRwczovL2FwcGxlaWQuYXBwbGUuY29tIiwiYXVkIjoiY29tLmdlbWQuaXRpbmciLCJleHAiOjE1NjI3MjUyOTMsImlhdCI6MTU2MjcyNDY5Mywic3ViIjoiMDAxODk3Ljg2OWJhYjU5OWE0NTQyZTFhMGY1MDc1ZTAyODkxZjBjLjExMDYifQ.dK0Yk1n-Df5xoXFtQd8kWq6ePNk9urkenwKvvBwLryWS8fe3u5XtusTiq0tIrzuvaqv0Ug2Jz9wG6h5o2ulsG0DnYbznrb7DdrFo_-ubezWDXx-ltT6IViHynlc8Isar5LkZL2YpbqRvf9qowyKdaQma0UXZmnZsMQue5BxxRK2P23seMj9TMrpr4JLIBZqRhms1nI5SRPHD6jZ5vimUHWYldPI18JL-FMhFVumlbMbVYZEYeEj6wYkQH45NmL-1NHh7ua0YonLlcUBJKhosDMI28RYKjzlb3Kjxkni-21PH-X56s1ZvlWCXbAY0yUbzmFZ-CuPVGvh6hj-SSV4KUQ";
RSAPublicKey publicKey = generateRSAPublicKey(key, e);
JwtParser jwtParser = new DefaultJwtParser();
jwtParser.setSigningKey(publicKey);
jwtParser.parseClaimsJws(idToken);
}
private RSAPublicKey generateRSAPublicKey(String modulus, String publicExponent) {
KeyFactory keyFac = null;
try {
keyFac = KeyFactory.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
} catch (NoSuchAlgorithmException ex) {
throw new RuntimeException(ex.getMessage());
}
RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger(modulus.getBytes()), new BigInteger(publicExponent.getBytes()));
try {
return (RSAPublicKey) keyFac.generatePublic(pubKeySpec);
} catch (InvalidKeySpecException ex) {
throw new RuntimeException(ex.getMessage());
}
}