First I was using ‘DefaultResourceRetriever’ without any configuration like this : and then I got the following exception To by pass certificate check I have configured the resource retriever like below; But it doesn’t changed anything. I could set Hostname verifier to SSLConnectionSocketFactory like this: new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier()) But nimbus ResourceRetriever only accept SSLSocketFactory as a parameter. Is there
Tag: nimbus-jose-jwt
In nimbus-jose-jwt, what is difference between lifespan and refreshTime?
The class DefaultJWKSetCache of nimbus-jose-jwt has two fields, lifespan and refreshTime. From Java docs – lifespan – The lifespan of the cached JWK set before it expires, negative means no expiration. refreshTime – The time after which the cached JWK set is marked for refresh, negative if not specified. Should be shorter or equal to the lifespan. What is the
Unable to parse JWK in Java
I implemented a rest authorization server that returns the public-key for a given keyId in the JWK format using the com.nimbusds:nimbus-jose-jwt:9.13 package. The code looks something like this: This code returns a JWK key in the following format: On the client side (java), I try to parse the jwk with the following code: However, the client is unable to parse