in callouts/java/service-callout/src/main/java/example/JwtAuth.java [151:176]
public Claims validateJwtToken(HttpHeaders requestHeaders) {
String jwtToken = extractJwtToken(requestHeaders);
if (jwtToken == null) {
logger.warn("JWT token is missing or invalid in the Authorization header.");
return null;
}
try {
// Decode the JWT token using the provided public key and algorithm
Claims decoded = Jwts.parserBuilder()
.setSigningKey(publicKey)
.build()
.parseClaimsJws(jwtToken)
.getBody();
logger.debug("JWT validated successfully: {}", decoded);
return decoded;
} catch (SignatureException e) {
logger.error("Invalid JWT signature: {}", e.getMessage());
} catch (io.jsonwebtoken.JwtException e) {
logger.error("JWT processing error: {}", e.getMessage());
}
return null;
}