
How to decode JWT token to get details of Header and Payload using nimbus-jose-jwt?


I have the following JWT token that I want to decode:

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5UQXhabU14TkRNeVpEZzNNVFUxWkdNME16RXpPREpoWldJNE5ETmxaRFUxT0dGa05qRmlNUSJ9.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.g3CZ6PfirbN9rUHDhWxXNbqA49ne2Fam_SXWiKUBfQN10ddLIKrY8L8xalQ0DX3LiQg0TmdYspR4vVd3Mfji919UJEFSe894JD-PqFTFcvVsLgLm9pWNoyXNVEz6gTiR5JM_UlAPZ4N8FjCla9tMjRfiG-l4gvdmXhF84_a7IwwVLY7DkOs0m-7UK3evB005QZJ5_vmYEtAFV6pFzSt3Jz_fqEPR4RIkrjUIei7m4KyQ3QEl-_ZuhPn80UrACbFqyIQ0Fl71cMQ5V28AXKt8AitGT53XL0LK-cnNmQqyy8WTNRaWmVAZIW7XOCcHBkg9diWy-uZvHSL3pig9Pfr0sg==

If I do this online, I get the following response:

// HEADER
    {
      "typ": "JWT",
      "alg": "RS256",
      "x5t": "NTAxZmMxNDMyZDg3MTU1ZGM0MzEzODJhZWI4NDNlZDU1OGFkNjFiMQ"
    },
// PAYLOAD
    {
      "aud": "http://org.wso2.apimgt/gateway",
      "sub": "Sampath",
      "application": {
        "id": 3,
        "name": "Test JWT",
        "tier": "Unlimited",
        "owner": "Sampath"
      },
      "scope": "am_application_scope default",
      "iss": "https://localhost:9443/oauth2/token",
      "keytype": "PRODUCTION",
      "subscribedAPIs": [],
      "consumerKey": "FPGkgJ6wP0fV1KMKqdEo7_U5dSEa",
      "exp": 1549542345,
      "iat": 1549538745278,
      "jti": "c058831a-7c84-40da-a1d8-85db4a6c68d3"
    }

How can I do it using Java code and Nimbus?


Solution

  • With Nimbus: https://connect2id.com/products/nimbus-jose-jwt/examples/jose-jwt-parsing

    pom.xml

    <dependency>
        <groupId>com.nimbusds</groupId>
        <artifactId>nimbus-jose-jwt</artifactId>
        <version>9.x</version>
    </dependency>
    

    yourClass.java

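    import com.nimbusds.jwt.SignedJWT;
    import java.text.ParseException;

    /**
     * accessToken: the JWT string text.
     * This only decodes the token; it does not verify the signature.
    **/
    private String parseJWT(String accessToken) {
        try {
            var decodedJWT = SignedJWT.parse(accessToken);
            var header = decodedJWT.getHeader().toString();
            var payload = decodedJWT.getPayload().toString();
            // Return both decoded JSON parts, header first.
            return header + "\n" + payload;
        } catch (ParseException e) {
            // Unchecked exception, so the method needs no throws clause.
            throw new IllegalArgumentException("Invalid token!", e);
        }
    }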
    

    You can also replace SignedJWT with EncryptedJWT or PlainJWT, depending on the type of token you have (the one in your example is a signed one).
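
`SignedJWT.parse` only decodes, so the header and payload it returns are untrusted until the signature has been checked against a key you chose. The following is an added example, not code from the answer above or from the Nimbus project; the class name `DecodeThenVerify`, the helper `verifiedClaims`, the throwaway keys and the claim values are constructed for illustration.

```java
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jose.jwk.gen.RSAKeyGenerator;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.util.Date;

public class DecodeThenVerify {
    /** Hypothetical helper: returns claims only for an unexpired RS256 token signed by trustedKey. */
    static JWTClaimsSet verifiedClaims(String token, RSAKey trustedKey) throws Exception {
        SignedJWT jwt = SignedJWT.parse(token);            // decode only, nothing is trusted yet
        if (!JWSAlgorithm.RS256.equals(jwt.getHeader().getAlgorithm())) {
            throw new SecurityException("Unexpected alg: " + jwt.getHeader().getAlgorithm());
        }
        if (!jwt.verify(new RSASSAVerifier(trustedKey))) { // signature check with our own key
            throw new SecurityException("Bad signature");
        }
        JWTClaimsSet claims = jwt.getJWTClaimsSet();
        Date exp = claims.getExpirationTime();
        if (exp == null || exp.before(new Date())) {
            throw new SecurityException("Token expired or has no exp");
        }
        return claims;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a throwaway issuer key and a token signed with it.
        RSAKey issuerKey = new RSAKeyGenerator(2048).keyID("demo-key").generate();
        JWTClaimsSet claims = new JWTClaimsSet.Builder()
                .subject("Sampath").issuer("https://localhost:9443/oauth2/token")
                .expirationTime(new Date(System.currentTimeMillis() + 60_000))
                .build();
        SignedJWT jwt = new SignedJWT(
                new JWSHeader.Builder(JWSAlgorithm.RS256).keyID(issuerKey.getKeyID()).build(), claims);
        jwt.sign(new RSASSASigner(issuerKey));
        String token = jwt.serialize();
        System.out.println(verifiedClaims(token, issuerKey.toPublicJWK()).getSubject());
        // The same token checked against an unrelated key must be rejected.
        RSAKey otherKey = new RSAKeyGenerator(2048).generate().toPublicJWK();
        try {
            verifiedClaims(token, otherKey);
        } catch (SecurityException e) {
            System.out.println("Rejected: " + e.getMessage());
        }
    }
}
```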