I've to create a JWTClaim which has inside a property with a JSON:
exampleClaimJson = {
"nonce":"13234-3234345-34454",
}
In Java I'm building it like this:
JSONObject exampleClaimJson = new JSONObject();
didJson.put("nonce","13234-3234345-34454");
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
.subject(did)
.claim("exampleJson", exampleClaimJson)
.build()
But then inside the JWT the "exampleJson" claim is represented like this:
{
...
"exampleJson": {
"map": {
"nonce":"13234-3234345-34454"
}
}
}
On the other hand if I use
.claim("exampleJson", exampleClaimJson.toString())
Then it turns into:
{
...
"exampleJson": "{\"nonce\":\"13234-3234345-34454\"}"
}
To me none of those look ok, in particular because the structure of the Claim will be verified and must be just a JSON, not with map declarations and not a simple string.
Does anyone know if this is the correct approach in Java? I'm looking at this Building JSON Web Token using JSONObject and JSONArray (from 2015 though..) - what's the difference between the minidev and the java json objects? Is it a normal practice to include different JSON libraries for Java projects?
Your code looks right - perhaps there is some kind of library incompatibility? To work with object claims, see the nimbus tests. Here is some working code:
var verifiablePresentationJson = new JSONObject()
verifiablePresentationJson.put("nonce", "13234-3234345-34454")
val did = "did:example:user123"
val claimsSet = new JWTClaimsSet.Builder()
.subject(did)
.claim("verifiablePresentationJson", verifiablePresentationJson)
.build()
System.out.println(claimsSet.toString())
Note that you should be using the following class and not some other implementation:
net.minidev.json.JSONObject
Do so by adding this dependency, in the same way as the nimbus project does:
implementation("net.minidev:json-smart:2.5.0")