This project was created to demonstrate JWT and JWKS with OAuth2.
Sequence diagram:
- Unix/Linux OS
- Makefile
- Docker and Docker Compose
- make set-up: sets up the Docker network
- make up: builds and starts ms-authorization-server and ms-resource-server
- make send-authentication-request: authenticates the user and retrieves an access token
- make ACCESS_TOKEN={access token from previous request} send-resource-request: fill in the access token from the previous request and send a request to the protected resource server
- make down: shuts down ms-authorization-server and ms-resource-server
- make clean: removes the Docker network
PS: Each app can also be run individually with make ms-authorization-server-up or make ms-resource-server-down.
- Authorization Server will be available at http://localhost:8081
- Resource Server will be available at http://localhost:8082
JWKS Key Sets (with public key):
{
"keys": [
{
"kty": "RSA",
"e": "AQAB",
"use": "sig",
"kid": "intellias-key-id",
"alg": "RS256",
"n": "qJM1_wcVVMr6gNUh5og4NsOx3RG3L5AHMvo2DkssN8lZ8dmrRQU1Vo1Idbpy1H-0yvXxrO4eyemhMFzqxNLK8fNKVEMHVzef53p3Kdu4P3KYx0nr7r2BVphGXHTx8ZyRJQ9hi85n7jEa5ZFScBa-eyRd4PpIjGDvPl6c0X1DWQSgZ4jsnSEOPf82E75NBQRiGvVjT4O7M3394w0xWiLnGZoo6sD7_N1uMiMR6ckkiCHUIrwmYlVeEznLzNoCpHIhtfIEBx4NjhelgP4MunK9iDKwkLvP7CaUHifzI-9N2ZN6o606tswXIxtS2Hk_kwuhegbtiEf5NUhYnTJNl7u2HQ"
}
]
}
Sample of JWT token with custom header:
To create a custom key pair for signing/verifying:
keytool -genkeypair \
-alias intellias-oauth-jwt \
-keyalg RSA \
-keypass intellias-pass \
-keystore intellias-jwt.jks \
-storepass intellias-pass
With the command below, an RSA 1024-bit JKS file will be created.
Note: A JKS file is an encrypted security file used to store a set of cryptographic keys or certificates in the binary Java KeyStore (JKS) format.
ECC vs. RSA comparison: