{"id":23670627,"url":"https://github.com/sandipchitale/jwt","last_synced_at":"2026-05-02T10:40:41.949Z","repository":{"id":184876112,"uuid":"672450767","full_name":"sandipchitale/jwt","owner":"sandipchitale","description":"Springboot Nimbus Jose signing and verification example with HS256 (Shared Secret) and RS256 (Public/Private key pair)","archived":false,"fork":false,"pushed_at":"2023-08-08T03:48:33.000Z","size":89,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-12-29T09:37:41.069Z","etag":null,"topics":["jose","jwt","nimbus","sign","spring-boot","verify"],"latest_commit_sha":null,"homepage":"https://github.com/sandipchitale/jwt","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sandipchitale.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-07-30T06:02:32.000Z","updated_at":"2023-07-30T18:36:54.000Z","dependencies_parsed_at":"2023-07-30T18:37:23.109Z","dependency_job_id":null,"html_url":"https://github.com/sandipchitale/jwt","commit_stats":null,"previous_names":["sandipchitale/jwt"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandipchitale%2Fjwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandipchitale%2Fjwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandipchitale%2Fjwt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandipchitale%2Fjwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sandipchitale","download_url":"https://codeload.github.com/sandipchitale/jwt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239685797,"owners_count":19680398,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["jose","jwt","nimbus","sign","spring-boot","verify"],"created_at":"2024-12-29T09:37:54.297Z","updated_at":"2025-12-16T05:30:15.702Z","avatar_url":"https://github.com/sandipchitale.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Springboot Nimbus Jose signing and verification example with HS256 (Shared Secret) and RS256 (Public/Private key pair)\n\n## Description\n\nThis is a sample project to demonstrate how to sign and veirfy a JWT token with HMAC256(HS256) (Shared Secret) or (RS256) (Public/Private key pair) using Nimbus Jose library.\nIt also launches the browser at `https://jwt.io?access_token=JWT`.\n\n## HS256 (Shared Secret)\n\nHere is the sample run output for HS256 (Shared Secret) - turn on `#spring.profiles.active=HS256`:\n\n```\n-------------------------------------------\nJwt signed and verifies with HS256 (Shared Secret)\n-------------------------------------------\n-------------------------------------------\nBase64 encoded shared secret = rWWKVDuVZnYw5vNYJw1VZNb0aMqaGf81mo0IE8hEbdo=\n-------------------------------------------\n\n-------------------------------------------\nJWT: eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAiLCJzdWIiOiJIUzI1NiBKV1QiLCJleHAiOjE2OTA3NDE4NTd9.RoNhDBzqicSH2J1qFyzyGBfzugPDd8hwMZHMeCrEN5o\nExpiring in 5 seconds.\n-------------------------------------------\n\nLaunching the browser with: https://jwt.io?access_token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAiLCJzdWIiOiJIUzI1NiBKV1QiLCJleHAiOjE2OTA3NDE4NTd9.RoNhDBzqicSH2J1qFyzyGBfzugPDd8hwMZHMeCrEN5o\nMake sure to select '[ ] secret base64 encoded' to verify the JWT signature.\n\n-------------------------------------------\nVerified? true\nSubject = HS256 JWT\nIssuer = http://localhost:8080\nExpiration Time = Sun Jul 30 11:30:57 PDT 2023\n-------------------------------------------\n\nExipred? No\n\n-------------------------------------------\nWaiting for 10 seconds before checking expiry...Done.\n-------------------------------------------\n\nExipred? Yes\n```\n\nIt also outputs the Base64 encoded sharedSecret. You can use it on jwt.io to verify the signature.\n\n## RS256 (KeyPair)\n\nHere is the sample run output for RS256 (SKey Pair) - turn on `#spring.profiles.active=RS256`:\n\n```\n-------------------------------------------\nJwt with RS256 Private Key (signer) / Public Key (verifier)\n-------------------------------------------\n-------------------------------------------\n-----BEGIN RSA PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fj3BaEGdGUPyRHr+Spz\nK/qGBL/0+ILxjEL3DRSgsosb6O6HTearcAl41hmSYEtWcqfQqVOb7w9uYsxWvBl3\nybeOU2bO3SeVAhdSJpNmGfepJuHDbifOaXw/XHxRJbTwK49ucjY+RxZJ3Wr/4Ojw\nfOiFhpke3K+JfFuYJcZ20u2DcBbDdRthfcU8yQ2BemZhcnHnm+EWjBe5xrNJk5Av\nhf+EajaiWjjZj0+kdhUYQB6FQBRsONqGZomy20492BWvtS4fm6kTyDy5HX2sclEn\nUeCo8mvJuiycZDEi1JhsQm/6Azt8rZyqbU+lA4eyqhgRI3WYVKlDWCW9Wy4x3Sv9\nuQIDAQAB\n-----END RSA PUBLIC KEY-----\n-----BEGIN RSA PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDp+PcFoQZ0ZQ/J\nEev5KnMr+oYEv/T4gvGMQvcNFKCyixvo7odN5qtwCXjWGZJgS1Zyp9CpU5vvD25i\nzFa8GXfJt45TZs7dJ5UCF1Imk2YZ96km4cNuJ85pfD9cfFEltPArj25yNj5HFknd\nav/g6PB86IWGmR7cr4l8W5glxnbS7YNwFsN1G2F9xTzJDYF6ZmFyceeb4RaMF7nG\ns0mTkC+F/4RqNqJaONmPT6R2FRhAHoVAFGw42oZmibLbTj3YFa+1Lh+bqRPIPLkd\nfaxyUSdR4Kjya8m6LJxkMSLUmGxCb/oDO3ytnKptT6UDh7KqGBEjdZhUqUNYJb1b\nLjHdK/25AgMBAAECggEAEGSqa3a2p5AZ1N+Qa42psn1OnOWVietOy6I4123zER9w\nY1fXG20Gj7EyNLoSSJ9ECCuG515IJi4BcM2wDrowFkOUpsukwde599gKIFF34r44\nrVSTJ1QwVlwSFRj8FzVqwHqVD/k0pYbDwnjymF+/KIP4MGU+cChNF0Kppzfqb755\n3VuKGywIwFGtVCeV9BxLgQSB/qRdqIsa84fL6VoUFYEXl0BCN94LOcA8Pd6FAbuN\nQCYTMICVIyAr1KExTtLRnV+qjQKEW06YoKHSng6YoQ576xR5Vlck2FeTGuphTcnI\nwX3iVFSXDOth6OM6d0yW4LkbZfpMkK4GYz92XsaWwwKBgQD44XdB9HM0t/O5MD8g\np3CF3WJmAZ+0rfm6YgZnZ2ISh5E2j9TVAZT9Dy0ptUu5GKF3eOBy4vZqYo3uv/ga\nW46E9cggLVfZl77hO9u4DF56cu9KYwndpEOq+X1Ljj5gPJZYNDM3nd0lBRWEjEsP\nxbiX+tdIfgV7FLzSAgpJIeL8jwKBgQDwqlPTYULeurM238XZ/17zmlZy7B/b7jlO\ng+HU7GRfOx2P1YC+6LIcH8CeOTtQvOE2MiJY15vbglhHOdvjnQFZXQwJyBKncZCp\nt0rbgxWodUA9dXuZqJeeoItELQqiw7vP4YZLwh5/9in38C5oyd6V2AMrENn/dUiU\ndEDDVlAVNwKBgDqS1b5wCa0enf23nSPSRGk88SuQtkWPrHZxG5C6hBpYTZTJxQ1c\nkfP83mQyht/JLDcx+6EOSXBAQacvBvUtFx2zuqXYBhTv4bygmdV3E8U9x5N6O5gu\nUL6seRCPKZ78o2We427zeFh+GdJYMlJD9m3OW1x0TFXrS4UhdcpAb2uBAoGAeuii\nEuwzOIjlCftSkjjnh0WlLOAGjU2mmsCjzxhDUpdgS5rgO5+fhtl4h9X2ww8TfZgx\nDmpewMZay1VzRVVj4P2yLjStwjIvjV18r4rMvtHS0xBy5VDCzlJzjYfrTKDmBA7L\nhVlINlXDrUpOiVm/gYtmYtIiY2LEhHyyrpAgKhUCgYEAm3cMm1WASaCiQZFjjZVQ\nkQe7KgMz2Fq/+/z6DQCKL/9vyxzjEM0+uxnW84ZP0tYK6kcvGNP4O0UfQmE4uN2k\nxotS0DH1EK8/m6TXN9OEVJEP91Gi9Imzjylffn/1GA5YkQME6dcDL+tWKGe5lZGH\nGt9HeWCczsmSA041dhxBh4c=\n-----END RSA PRIVATE KEY-----\n-------------------------------------------\n\n-------------------------------------------\nJWT: eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAiLCJzdWIiOiJSUzI1NiBKV1QiLCJleHAiOjE2OTA3NDE4Njl9.4sMTi2oEe4-WnN1GwPkchhez-1wRblYYr_g8DiNb_GqY6GLpgcF73uiVk3FJV037IDD-VygQdY2MeHqrk6e0KqAVLraS170m1w5efUn2Hw_sjYSXynBKC6JLhK7IMoOLhZE2iX3Fbh-iq-PZYmhJ5o4LC6U3Cl0W9GGqNl3z12n06_uyYA5V0gnHukzwDffnWB5wrzDG_nPcTVkDbnjyn0qgIljK2t7shZ3ZgkGOLU47tsLc_1QNZZi_7DLDiAAx1Vf3hTk_z1KhThALKdIU7TtOSVPA1gG_l4suBNxRUtS2SU9D-Py7cFk5Ky8EqGqWwdJQYyWshiqer8SIcD_xOA\nExpiring in 5 seconds.\n-------------------------------------------\n\nLaunching the browser with: https://jwt.io?access_token=eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAiLCJzdWIiOiJSUzI1NiBKV1QiLCJleHAiOjE2OTA3NDE4Njl9.4sMTi2oEe4-WnN1GwPkchhez-1wRblYYr_g8DiNb_GqY6GLpgcF73uiVk3FJV037IDD-VygQdY2MeHqrk6e0KqAVLraS170m1w5efUn2Hw_sjYSXynBKC6JLhK7IMoOLhZE2iX3Fbh-iq-PZYmhJ5o4LC6U3Cl0W9GGqNl3z12n06_uyYA5V0gnHukzwDffnWB5wrzDG_nPcTVkDbnjyn0qgIljK2t7shZ3ZgkGOLU47tsLc_1QNZZi_7DLDiAAx1Vf3hTk_z1KhThALKdIU7TtOSVPA1gG_l4suBNxRUtS2SU9D-Py7cFk5Ky8EqGqWwdJQYyWshiqer8SIcD_xOA\nUse the Public and Private keys above to verify the JWT signature.\n\n-------------------------------------------\nVerified? true\nSubject = RS256 JWT\nIssuer = http://localhost:8080\nExpiration Time = Sun Jul 30 11:31:09 PDT 2023\n-------------------------------------------\n\nExipred? No\n\n-------------------------------------------\nWaiting for 10 seconds before checking expiry...Done.\n-------------------------------------------\n\nExipred? Yes\n```\n\nIt also outputs the Public and Private Keys. You can use them on jwt.io to verify the signature.\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsandipchitale%2Fjwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsandipchitale%2Fjwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsandipchitale%2Fjwt/lists"}