| 179 | /// Parses an encoded JWT into a [Jwt] object. The signature is NOT |
| 180 | /// verified -- you must call one of the `verify*` methods afterwards. |
| 181 | public static Jwt parse(String token) { |
| 182 | if (token == null) { |
| 183 | throw new CryptoException("token must not be null"); |
| 184 | } |
| 185 | int firstDot = token.indexOf('.'); |
| 186 | if (firstDot < 0) { |
| 187 | throw new CryptoException("malformed JWT: no '.'"); |
| 188 | } |
| 189 | int secondDot = token.indexOf('.', firstDot + 1); |
| 190 | if (secondDot < 0) { |
| 191 | throw new CryptoException("malformed JWT: only one '.'"); |
| 192 | } |
| 193 | String headerB64 = token.substring(0, firstDot); |
| 194 | String payloadB64 = token.substring(firstDot + 1, secondDot); |
| 195 | String sigB64 = token.substring(secondDot + 1); |
| 196 | Map<String, Object> header = readJson(com.codename1.util.Base64.decodeUrlSafe(headerB64)); |
| 197 | Map<String, Object> claims = readJson(com.codename1.util.Base64.decodeUrlSafe(payloadB64)); |
| 198 | byte[] sig = sigB64.length() == 0 ? new byte[0] : com.codename1.util.Base64.decodeUrlSafe(sigB64); |
| 199 | return new Jwt(header, claims, sig, headerB64 + "." + payloadB64); |
| 200 | } |
| 201 | |
| 202 | // ================================================================ |
| 203 | // verification |