in plugin-rest/spring-security-rest/grails-app/services/grails/plugin/springsecurity/rest/JwtService.groovy [49:75]
JWT parse(String tokenValue) {
JWT jwt = JWTParser.parse(tokenValue)
if (jwt instanceof SignedJWT) {
log.debug "Parsed an HMAC signed JWT"
SignedJWT signedJwt = jwt as SignedJWT
if(!signedJwt.verify(new MACVerifier(jwtSecret))) {
throw new JOSEException('Invalid signature')
}
} else if (jwt instanceof EncryptedJWT) {
log.debug "Parsed an RSA encrypted JWT"
EncryptedJWT encryptedJWT = jwt as EncryptedJWT
RSADecrypter decrypter = new RSADecrypter(keyProvider.privateKey)
// Decrypt
encryptedJWT.decrypt(decrypter)
} else if (jwt instanceof PlainJWT) {
log.debug "Parsed a plain JWT"
if (jwtSecret || keyProvider) {
throw new JOSEException('Unsigned/unencrypted JWT not expected')
}
}
return jwt
}