public JsonWebToken parse()

in src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/JwtParser.java [73:101]


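    /**
     * Parses a compact-serialized JWT ({@code header.payload.signature}), runs the
     * configured claim checks, verifies the signature and builds the token.
     *
     * <p>Everything in {@code jwt} is untrusted until {@code verifySignature} returns.
     * The header and payload are decoded and inspected before that point, so any
     * rejection raised earlier is based on unauthenticated data.
     *
     * @param jwt the raw token as received from the caller
     * @return the token created from the raw string and its decoded payload
     * @throws JwtException with HTTP 400 when the token is null or does not consist of
     *         exactly three dot-separated parts with a non-empty signature, and with
     *         HTTP 401 when the {@code typ} or issuer check fails; the date and
     *         signature validators are expected to raise their own errors
     */
    public JsonWebToken parse(final String jwt) {
        // A missing token is a malformed request, not an internal error.
        if (jwt == null) {
            throw new JwtException("JWT is not valid", HttpURLConnection.HTTP_BAD_REQUEST);
        }
        final int firstDot = jwt.indexOf('.');
        if (firstDot < 0) {
            throw new JwtException("JWT is not valid", HttpURLConnection.HTTP_BAD_REQUEST);
        }
        final int secondDot = jwt.indexOf('.', firstDot + 1);
        // Exactly two dots are allowed, and the signature part must not be empty.
        // The previous length test (jwt.length() <= secondDot) could never be true,
        // so "header.payload." was passed on to the signature validator.
        if (secondDot < 0 || jwt.indexOf('.', secondDot + 1) > 0 || jwt.length() <= secondDot + 1) {
            throw new JwtException("JWT is not valid", HttpURLConnection.HTTP_BAD_REQUEST);
        }

        final String rawHeader = jwt.substring(0, firstDot);
        final JsonObject header = loadJson(rawHeader);
        if (validateTyp && !getAttribute(header, "typ", defaultTyp).equalsIgnoreCase("jwt")) {
            throw new JwtException("Invalid typ", HttpURLConnection.HTTP_UNAUTHORIZED);
        }

        final JsonObject payload = loadJson(jwt.substring(firstDot + 1, secondDot));
        // NOTE(review): the date and issuer checks run on claims that are not yet
        // authenticated; consider whether the signature should be verified first so
        // error responses do not depend on attacker-chosen claim values.
        dateValidator.checkInterval(payload);

        // alg and kid are read from the unverified header.
        // NOTE(review): confirm that signatureValidator only accepts an allow-list of
        // algorithms and that the key loaded for kid is only usable with the matching
        // algorithm family; otherwise the header decides how the token is verified.
        final String alg = getAttribute(header, "alg", defaultAlg);
        final String kid = getAttribute(header, "kid", defaultKid);
        final Collection<String> issuers = kidMapper.loadIssuers(kid);
        if (!issuers.isEmpty()) {
            // getString(name, default) returns the default when "iss" is absent or not
            // a JSON string, so such tokens are rejected with 401 instead of failing
            // with a NullPointerException or ClassCastException.
            final String issuer = payload.getString(Claims.iss.name(), null);
            if (issuer == null || issuers.stream().noneMatch(issuer::equals)) {
                throw new JwtException("Invalid issuer", HttpURLConnection.HTTP_UNAUTHORIZED);
            }
        }
        // The signed content is the original "header.payload" text, not a re-encoding.
        signatureValidator.verifySignature(alg, kidMapper.loadKey(kid), jwt.substring(0, secondDot), jwt.substring(secondDot + 1));

        return createToken(jwt, payload);
    }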