If a JSON Web Token (JWT) is not signed with a strong cipher algorithm (or not signed at all) an attacker can forge it and impersonate user
identities.
- Don’t use
none algorithm to sign or verify the validity of a token.
- Don’t use a token without verifying its signature before.
Noncompliant Code Example
Using jwtk/Java JWT library (to verify a signed token (containing a JWS) don’t use the
parse method as it doesn’t throw an exception if an unsigned token is provided):
// Signing:
io.jsonwebtoken.Jwts.builder() // Noncompliant, token is not signed.
.setSubject(USER_LOGIN)
.compact();
// Verifying:
io.jsonwebtoken.Jwts.parser().setSigningKey(SECRET_KEY).parse(token).getBody(); // Noncompliant
Using auth0/Java JWT library:
// Signing:
com.auth0.jwt.JWT.create()
.withSubject(SUBJECT)
.sign(Algorithm.none()); // Noncompliant, use only strong cipher algorithms when signing this JWT.
// Verifying:
JWTVerifier nonCompliantVerifier = com.auth0.jwt.JWT.require(Algorithm.none()) // Noncompliant
.withSubject(LOGIN)
.build();
Compliant Solution
Using Java JWT library (to verify a signed token (containing a JWS) use the parseClaimsJws
method that will throw an exception if an unsigned token is provided):
// Signing:
Jwts.builder() // Compliant
.setSubject(USER_LOGIN)
.signWith(SignatureAlgorithm.HS256, SECRET_KEY)
.compact();
// Verifying:
Jwts.parser().setSigningKey(SECRET_KEY).parseClaimsJws(token).getBody(); // Compliant
Using auth0/Java JWT library. I
// Signing:
JWT.create()
.withSubject(SUBJECT)
.sign(Algorithm.HMAC256(SECRET_KEY)); // Compliant
// Verifying:
JWTVerifier nonCompliantVerifier = JWT.require(Algorithm.HMAC256(SECRET_KEY)) // Compliant
.withSubject(LOGIN)
.build();
See
