tessl/maven-io-jsonwebtoken--jjwt-api
JJWT API - JSON Web Token library API for Java and Android
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
'%3e%3cpath%20d='m7.15%205.779.281.877c-.001.502.003.991.124%201.48l.116-.082.229-1.265c.723%201.422%202.78%203.325%202.53%205.008-.022.154-.082.3-.158.435.349-.014.375-.38.578-.56.187%201.005.17%201.975-.22%202.932l1.428%203.159c-.007.07-.626.285-.744.226-.087-.044-.629-1.506-.742-1.754-.103-.224-.457-1.044-.592-1.165-.592-.534-2.033-.183-2.773-.256l.488-.115.148-.109c-.68-.08-1.363-.34-1.85-.815.531.046%201.052.121%201.592.087.1-.006.378-.02.432-.114-1.338-.016-2.398-.569-3.16-1.62-1.03-1.422-1.646-3.215-2.658-4.662-.203-.289-.474-.68-.776-.847-.015-.092.076-.054.137-.049.375.034.778.157%201.148.234l1.26.462c-.404-.737-1.332-.637-1.984-.994-.759-.416-1.2-1.386-1.487-2.149-.258-.68-.536-1.495-.492-2.217.282.262.529.573.896.73.087-.102-.838-1.102-.867-1.323C-.051.673.656-.051%201.328.003c1.128.09%202.44%201.953%202.87%202.886.074.069.145-.23.149-.25.029-.154.01-.306.054-.452.67.932%201.64%201.722%202.122%202.768l.626%201.778V5.78Z'/%3e%3cpath%20d='m10.851%206.733.626-1.778c.483-1.047%201.451-1.836%202.122-2.769.045.147.025.299.054.452.005.021.075.32.149.25.43-.932%201.742-2.796%202.87-2.885.672-.054%201.38.67%201.294%201.31-.03.22-.954%201.221-.867%201.322.367-.156.614-.467.896-.729.044.722-.234%201.536-.49%202.218-.288.763-.73%201.733-1.488%202.149-.652.356-1.58.256-1.984.993l1.26-.461c.37-.077.772-.2%201.148-.234.06-.006.152-.044.136.049-.301.166-.573.557-.775.847-.794%201.135-1.347%202.488-2.049%203.68-.635%201.081-1.285%202.087-2.613%202.432.148-.768.005-1.562-.173-2.316l-.32-.092c-.219-1.088-.84-2.001-1.466-2.908l.919-1.475.229%201.265.116.082c.12-.489.125-.979.123-1.48l.283-.877v.955ZM8.017%2014.984c-.238.57-.531%201.119-.78%201.686-.089.204-.446%201.24-.518%201.295-.145.114-.622-.087-.777-.2l1.207-2.78h.868ZM12.008%2013.75c-.059.174-.949.7-1.04.617l.12-.5.92-.117Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h18v18H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/maven-io-jsonwebtoken--jjwt-api@0.12.0index.mddocs/
JJWT API
JJWT API is the core API module of the JJWT (Java JWT) library, providing interfaces and contracts for creating and verifying JSON Web Tokens (JWTs) and JSON Web Keys (JWKs) on the JVM and Android platforms. This is a pure Java implementation based exclusively on JOSE Working Group RFC specifications including JWT (RFC 7519), JWS (RFC 7515), JWE (RFC 7516), JWK (RFC 7517), and related standards.
Package Information
- Package Name: io.jsonwebtoken:jjwt-api
- Package Type: Maven
- Language: Java
- Installation:
<dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt-api</artifactId> <version>0.12.6</version> </dependency>
Core Imports
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;For security and key management:
import io.jsonwebtoken.security.Keys;
import io.jsonwebtoken.security.Jwks;For IO utilities:
import io.jsonwebtoken.io.Encoders;
import io.jsonwebtoken.io.Decoders;Basic Usage
Creating a JWT
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.security.Keys;
import javax.crypto.SecretKey;
import java.util.Date;
// Generate a secure key for HMAC-SHA algorithms
SecretKey key = Keys.secretKeyFor(Jwts.SIG.HS256);
// Create a JWT
String jwt = Jwts.builder()
.subject("user123")
.issuer("myapp")
.expiration(new Date(System.currentTimeMillis() + 3600000)) // 1 hour
.claim("role", "admin")
.signWith(key)
.compact();
System.out.println(jwt);Parsing and Validating a JWT
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
// Parse and verify the JWT
Jws<Claims> jws = Jwts.parser()
.verifyWith(key)
.build()
.parseSignedClaims(jwt);
// Access claims
Claims claims = jws.getPayload();
String subject = claims.getSubject();
String role = claims.get("role", String.class);
System.out.println("Subject: " + subject);
System.out.println("Role: " + role);Architecture
JJWT API follows a clean separation of concerns with several key components:
- Factory Classes:
Jwts,Keys,Jwksprovide entry points and standard algorithm instances - Builder Pattern: Extensive use throughout for JWT construction (
JwtBuilder) and parser configuration (JwtParserBuilder) - Type Safety: Generic interfaces ensure compile-time validation and prevent runtime errors
- Immutability: All parsed tokens, claims, and headers are immutable value objects
- Standards Compliance: Full implementation of JOSE specifications with comprehensive algorithm support
Capabilities
JWT Operations
Core JWT building, parsing, and validation functionality including support for signed (JWS) and encrypted (JWE) tokens.
// JWT Builder Factory
public static JwtBuilder builder();
// JWT Parser Factory
public static JwtParserBuilder parser();
// Claims Builder Factory
public static ClaimsBuilder claims();
// Header Builder Factory
public static HeaderBuilder header();Security and JWK Management
Comprehensive key management, JSON Web Key (JWK) support, and cryptographic algorithm interfaces for secure JWT operations.
// Key Utilities
public static SecretKey hmacShaKeyFor(byte[] bytes);
public static SecretKey secretKeyFor(SignatureAlgorithm alg); // deprecated but available
public static KeyPair keyPairFor(SignatureAlgorithm alg); // deprecated but available
public static Password password(char[] password);
// Key Builders
public static SecretKeyBuilder builder(SecretKey key);
public static PrivateKeyBuilder builder(PrivateKey key);
// JWK Factory Methods
public static DynamicJwkBuilder<?, ?> builder();
public static JwkParserBuilder parser();
public static JwkSetBuilder set();
public static JwkSetParserBuilder setParser();IO Utilities
Encoding, decoding, and serialization utilities for Base64/Base64URL operations and custom JSON processing.
// Standard Encoders (from Encoders class)
public static final Encoder<byte[], String> BASE64 = Encoders.BASE64;
public static final Encoder<byte[], String> BASE64URL = Encoders.BASE64URL;
// Standard Decoders (from Decoders class)
public static final Decoder<CharSequence, byte[]> BASE64 = Decoders.BASE64;
public static final Decoder<CharSequence, byte[]> BASE64URL = Decoders.BASE64URL;Types and Interfaces
Core JWT types including Claims, Headers, and token interfaces that represent parsed JWT content.
// Core JWT Interface
public interface Jwt<H, P> {
H getHeader();
P getPayload();
<T> T accept(JwtVisitor<T> visitor);
}
// Claims Interface
public interface Claims extends Map<String, Object> {
String getIssuer();
String getSubject();
Set<String> getAudience();
Date getExpiration();
// ... other standard claims
}Standard Algorithms
JJWT API provides constants for all standard JOSE algorithms:
Signature Algorithms (Jwts.SIG)
- HMAC: HS256, HS384, HS512
- RSA: RS256, RS384, RS512, PS256, PS384, PS512
- ECDSA: ES256, ES384, ES512
- EdDSA: EdDSA (Ed25519, Ed448)
Encryption Algorithms (Jwts.ENC)
- AES-GCM: A128GCM, A192GCM, A256GCM
- AES-CBC: A128CBC-HS256, A192CBC-HS384, A256CBC-HS512
Key Management Algorithms (Jwts.KEY)
- Direct: DIRECT
- AES Key Wrap: A128KW, A192KW, A256KW
- RSA: RSA1_5, RSA-OAEP, RSA-OAEP-256
- ECDH: ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW
- PBES2: PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW
Compression Algorithms (Jwts.ZIP)
- DEFLATE: DEF
- GZIP: GZIP