JWT verification in Next.js problem. Cannot verify JWT from Sping Boot application

Question

I am trying to verify JWT in Next.js app with many different approach ( using crypto or jsonwebtoken libraries ) but every time I get error.

This is how JWT is signed :

  public String generateToken(UserDetails userDetails) {
    return generateToken(new HashMap<>(), userDetails);
  }

  public String generateToken(
      Map<String, Object> extraClaims,
      UserDetails userDetails
  ) {
    return Jwts
        .builder()
        .setClaims(extraClaims)
        .setSubject(userDetails.getUsername())
        .setIssuedAt(new Date(System.currentTimeMillis()))
        .setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 24))
        .signWith(getSignInKey(), SignatureAlgorithm.HS256)
        .compact();
  }

  private Key getSignInKey() {
    byte[] keyBytes = Decoders.BASE64.decode(SECRET_KEY);
    return Keys.hmacShaKeyFor(keyBytes);
  }

This use SpringSecurity 6. In version 5, it was possible to call signWith method secret_key that is typeof String, but in version 6 secret_key must be typeof Key.

So I don't know what should I do now for JWT verification, is there anyone who face this problem?

Does this help? https://stackoverflow.com/questions/55102937/how-to-create-a-spring-security-key-for-signing-a-jwt-token — Andrew Chung, Feb 26 '23 at 13:14
@AndrewChung I have already JWT that does good. But my problem is that I need to verify in Next.js. And problem that all libraries for verification takes token and secret, but secret is assign as Key, not as string. — Nedim, Feb 26 '23 at 16:25

JWT verification in Next.js problem. Cannot verify JWT from Sping Boot application

0 Answers0