Verify JSON Web Tokens (JWT) signed with RSA

1
We publish a REST-service in Mendix, in which we need to verify the Authorization token provided in a HTTP header. This token is a JWT token with SHA-256 RSA signing. The current app store modules only support signing using a secret. @Luiz Rocha already requested this at the FlowFabric module (https://appstore.home.mendix.com/link/app/38385/) and the fork of WebFlight doesn't support it either (https://appstore.home.mendix.com/link/app/106447/). Has somebody experience verifying it using a certificate? Any suggestions how I should implement this (probably in Java)?
asked
2 answers
2

Johan,

If you're up for it have a look at http://codingstill.com/2016/01/verify-jwt-token-signed-with-rs256-using-the-public-key/ to implement this by your self.

answered
0

Update on this matter: I implemented custom Java as Erwin proposed. In the meanwhile is the fork of Webflight updated by Menno de Haas and this module now supports certificate signed JWT.

answered