
Comments (3)

bdemers commented on June 8, 2024

TL;DR The new way is more secure (and spec compliant).

If you are interested in bypassing the security mechanisms of a JWT, see this post, though I'd recommend against parsing a JWT you are not able to validate


lhazlewood commented on June 8, 2024

We had a use case of performing unsecured JWT parsing.

I don't know if your use case is similar to those discussed in other tickets, but I've addressed some of them in other replies that you might find useful:

#86 (comment)

and

#86 (comment)

TL;DR: if you need information in a JWS after its initial signature verification and use case (e.g. authenticating an HTTP request), create a new JWT that contains what you need for access later, with appropriate exp times if/as necessary. This new JWT can be unsecured (not recommended) or secured with a key specific to the server/application so it may be verified unmodified later as needed.

Is there any update in JWT RFC to enforce such checks for unsecured JWTs?

Surprisingly, yes. JJWT's original implementation of this logic was created years ago, before the RFCs were finalized (they were very nearly finalized, in draft status, when JJWT was created). Before the RFC was finalized, they added this:

https://datatracker.ietf.org/doc/html/rfc7518#section-8.5

Given the other backwards-incompatible changes slated for 0.12.0, it was also a good time to introduce this other change to represent the (finalized) RFC. Consequently, having a signature algorithm other than none, but not having a signature in the token indicates that the JWS was either malformed or unsafely manipulated, so the JWT library needs to indicate the token is invalid.

Hopefully that helps!

P.S. thank you for such a detailed and well-written issue, we really do appreciate it.


lhazlewood commented on June 8, 2024

For what it's worth, the code below will achieve your expected behavior, but it's really, really not a good idea. Because of its security implications, it will never be added to JJWT, but for those who live dangerously:

import com.fasterxml.jackson.databind.ObjectMapper;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Header;
import io.jsonwebtoken.Jwt;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.io.Encoders;
import java.security.KeyPair;
import java.util.Map;

// Assumes the enclosing method declares `throws java.io.IOException`
// (Jackson's readValue/writeValueAsBytes are checked exceptions).
KeyPair keyPair = Jwts.SIG.ES256.keyPair().build();
final String jws = Jwts.builder().subject("Alice").signWith(keyPair.getPrivate()).compact();

// HERE BE DRAGONS. Thou art forewarned:
int i = jws.indexOf('.');
String b64UrlHeader = jws.substring(0, i);
String b64UrlPayload = jws.substring(i + 1, jws.lastIndexOf('.'));
ObjectMapper om = new ObjectMapper();
// Rewrite the header so alg is "none" and drop the signature segment entirely
Map headerMap = om.readValue(Decoders.BASE64URL.decode(b64UrlHeader), Map.class);
headerMap.put("alg", "none");
b64UrlHeader = Encoders.BASE64URL.encode(om.writeValueAsBytes(headerMap));
String unsecured = b64UrlHeader + '.' + b64UrlPayload + '.';
// Only parses because unsecured() explicitly opts in to alg=none tokens
Jwt<Header, Claims> unsafe = Jwts.parser().unsecured().build().parseUnsecuredClaims(unsecured);

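The re-issue pattern recommended in the second comment, as an added example that is not from the JJWT project or from anyone in this thread; it assumes the JJWT 0.12 API (Jwts.SIG, verifyWith, parseSignedClaims) and a hypothetical HMAC key held only by this server. It also shows the behaviour the third comment warns about from the other side: a token whose signature is stripped while alg still names HS256 is rejected by the parser instead of being silently accepted.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import java.time.Instant;
import java.util.Date;
import javax.crypto.SecretKey;

public class JwsReissueExample {

    // Hypothetical key known only to this server; in practice load it from a secret store.
    static final SecretKey SERVER_KEY = Jwts.SIG.HS256.key().build();

    // Verify an inbound JWS and return its claims; any tampering, including a stripped signature, throws.
    static Claims verify(String jws, SecretKey key) {
        return Jwts.parser().verifyWith(key).build().parseSignedClaims(jws).getPayload();
    }

    // Re-issue only the claims needed later, signed with our own key and bounded by a short exp.
    static String reissue(Claims verified, SecretKey key, long ttlSeconds) {
        Instant now = Instant.now();
        return Jwts.builder()
                .subject(verified.getSubject())
                .issuedAt(Date.from(now))
                .expiration(Date.from(now.plusSeconds(ttlSeconds)))
                .signWith(key)
                .compact();
    }

    public static void main(String[] args) {
        // Constructed sample: stand-in for an upstream issuer's key and the token it minted.
        SecretKey upstreamKey = Jwts.SIG.HS256.key().build();
        String inbound = Jwts.builder().subject("Alice").signWith(upstreamKey).compact();

        // Verify once at the trust boundary, then keep a token we can verify ourselves later.
        Claims claims = verify(inbound, upstreamKey);
        String local = reissue(claims, SERVER_KEY, 300);
        System.out.println("re-issued subject: " + verify(local, SERVER_KEY).getSubject());

        // Removing the signature segment but leaving alg=HS256 in the header is now rejected.
        String stripped = inbound.substring(0, inbound.lastIndexOf('.') + 1);
        try {
            verify(stripped, upstreamKey);
            System.out.println("unexpected: stripped token accepted");
        } catch (JwtException e) {
            System.out.println("rejected as expected: " + e.getClass().getSimpleName());
        }
    }
}
```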
