I've to create a JWTClaim which has inside a property with a JSON:
exampleClaimJson = { "nonce":"13234-3234345-34454", } In Java I'm building it like this:
JSONObject exampleClaimJson = new JSONObject(); didJson.put("nonce","13234-3234345-34454"); JWTClaimsSet claimsSet = new JWTClaimsSet.Builder() .subject(did) .claim("exampleJson", exampleClaimJson) .build() But then inside the JWT the "exampleJson" claim is represented like this:
{ ... "exampleJson": { "map": { "nonce":"13234-3234345-34454" } } } On the other hand if I use
.claim("exampleJson", exampleClaimJson.toString()) Then it turns into:
{ ... "exampleJson": "{\"nonce\":\"13234-3234345-34454\"}" } To me none of those look ok, in particular because the structure of the Claim will be verified and must be just a JSON, not with map declarations and not a simple string.
Does anyone know if this is the correct approach in Java? I'm looking at this Building JSON Web Token using JSONObject and JSONArray (from 2015 though..) - what's the difference between the minidev and the java json objects? Is it a normal practice to include different JSON libraries for Java projects?
1 Answer
Your code looks right - perhaps there is some kind of library incompatibility? To work with object claims, see the nimbus tests. Here is some working code:
var verifiablePresentationJson = new JSONObject() verifiablePresentationJson.put("nonce", "13234-3234345-34454") val did = "did:example:user123" val claimsSet = new JWTClaimsSet.Builder() .subject(did) .claim("verifiablePresentationJson", verifiablePresentationJson) .build() System.out.println(claimsSet.toString()) Note that you should be using the following class and not some other implementation:
net.minidev.json.JSONObject Do so by adding this dependency, in the same way as the nimbus project does:
implementation("net.minidev:json-smart:2.5.0") 1