private void verifySignature()

in src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/SignatureValidator.java [157:171]

• 15 lines of code
• 4 McCabe index (conditional complexity)

    private void verifySignature(final PublicKey publicKey, final String signingString, final String expected,
                                 final String algo) {
        try {
            final Signature signature = jcaProvider == null ?
                    Signature.getInstance(algo) :
                    Signature.getInstance(algo, jcaProvider);
            signature.initVerify(publicKey);
            signature.update(signingString.getBytes(StandardCharsets.UTF_8));
            if (!signature.verify(Base64.getUrlDecoder().decode(expected))) {
                invalidSignature();
            }
        } catch (final Exception e) {
            invalidSignature();
        }
    }