Ron and Ella Wiki Page

Extremely Serious

Page 8 of 33

Unveiling the Layers: Exploring Software Development Tiers

November 14, 2023 / / 0 Comments

Software development is a multifaceted process that often involves a structured approach, organized into various tiers. These tiers, collectively forming a multi-tier architecture, provide a framework for building scalable, modular, and maintainable applications. In this article, we'll delve into the three fundamental tiers—Presentation, Logic, and Data—illustrating their roles through a generic perspective.

1. Presentation Tier:

The Presentation Tier, also known as the User Interface (UI), is the front-facing layer where users interact with an application. Whether it's a web interface, mobile app, or desktop application, the Presentation Tier encompasses the visual elements and user experience. It includes everything from buttons and forms to graphical representations, allowing users to input information and receive feedback.

2. Logic (Business) Tier:

Situated behind the scenes, the Logic Tier, often referred to as the Business Logic, is the engine that powers the application. Regardless of the application's nature—be it e-commerce, healthcare, or productivity tools—the Logic Tier processes user inputs, enforces business rules, and orchestrates the overall functionality. It calculates, validates, and ensures that the application behaves according to its intended purpose.

3. Data Tier:

The Data Tier, or Data Storage Tier, is where the application's information is stored and retrieved. This tier involves databases or any other storage mechanisms. Structured in tables, documents, or other formats, it houses data pertinent to the application's operation. In healthcare software, for instance, this could include patient records, while in a project management tool, it might store project details and timelines.

4. Application (Service) Tier (optional):

In some architectures, an additional Application or Service Tier is introduced to provide specialized services. These services could include authentication, communication, or transaction management. For instance, an authentication service might verify user credentials, ensuring secure access to various parts of the application, while a communication service facilitates interaction between different components.

Synthesis of Tiers:

As users engage with an application, the Presentation Tier comes into play, offering a seamless interface and facilitating user inputs. The Logic Tier processes these inputs, executes business rules, and directs the flow of operations. Simultaneously, the Data Tier manages the storage and retrieval of information, ensuring that data is structured and accessible.

This tiered architecture is not limited to a specific domain but is a versatile framework applicable to diverse software applications. Whether it's crafting a healthcare management system, a project collaboration tool, or any other software solution, understanding and implementing these tiers contribute to the development of robust and scalable applications.

In conclusion, the delineation into Presentation, Logic, and Data Tiers forms the backbone of modern software development. This architectural approach enhances maintainability, scalability, and the overall efficiency of applications across various industries, making it a cornerstone for developers and architects alike.

Understanding the OSI Model: A Layered Approach to Networking

November 14, 2023 / / 0 Comments

The Open Systems Interconnection (OSI) model is a conceptual framework that standardizes the functions of a telecommunication or computing system into seven abstraction layers. This layered approach facilitates a systematic understanding of network communication processes. In this article, we'll explore each layer of the OSI model and illustrate its functions with an example of sending an email.

1. Physical Layer (Layer 1):

The Physical Layer is the foundation of the OSI model, dealing with the physical connection between devices. This includes the hardware characteristics, such as cables, connectors, and transmission mediums. In our email example, this layer represents the actual transmission of electronic signals or light pulses over the physical medium, be it an Ethernet cable, Wi-Fi, or other communication channels.

2. Data Link Layer (Layer 2):

The Data Link Layer is responsible for creating a reliable link between two directly connected nodes. It handles framing, addressing, and error detection. In our example, this layer encapsulates the email packet into frames and adds a Media Access Control (MAC) address for communication between devices on the same network.

3. Network Layer (Layer 3):

The Network Layer manages logical addressing and routing of data packets between different networks. This layer is crucial for determining the best path for the email packet to reach its destination. In our scenario, the Network Layer ensures the email packet is routed across the Internet to the recipient's email server.

4. Transport Layer (Layer 4):

The Transport Layer ensures end-to-end communication and manages data flow control, error correction, and retransmission. In the email example, this layer uses a transport protocol (e.g., SMTP) to break the email into smaller packets and guarantees reliable delivery.

5. Session Layer (Layer 5):

The Session Layer is responsible for establishing, maintaining, and terminating communication sessions between applications. In our scenario, this layer manages the session between the email client and the email server, handling tasks like session setup and termination.

6. Presentation Layer (Layer 6):

The Presentation Layer deals with data representation, encryption, and compression. It translates data between the application layer and the lower layers, ensuring compatibility between different systems. In the email example, this layer formats the text and attachments in a way that both the sender and receiver can understand.

7. Application Layer (Layer 7):

The topmost layer, the Application Layer, interacts directly with end-user applications. It provides network services directly to end-users and application processes. In our example, you compose and send an email using your email client, which operates at the Application Layer.

In conclusion, the OSI model provides a structured framework for understanding the complexities of network communication. Each layer plays a specific role in ensuring the successful transmission of data. Whether you're sending an email, browsing the web, or engaging in any online activity, the OSI model underlies the seamless functioning of modern computer networks.

Understanding Database Cardinality Relationships

November 14, 2023 / / 0 Comments

In the realm of relational databases, cardinality relationships define the connections between tables and govern how instances of one entity relate to instances of another. Let's delve into three cardinality relationships with a consistent example, illustrating each with table declarations.

1. One-to-One (1:1) Relationship

In a one-to-one relationship, each record in the first table corresponds to exactly one record in the second table, and vice versa. Consider the relationship between Students and DormRooms:

CREATE TABLE Students (
    student_id INT PRIMARY KEY,
    student_name VARCHAR(50),
    dorm_room_id INT UNIQUE,
    FOREIGN KEY (dorm_room_id) REFERENCES DormRooms(dorm_room_id)
);

CREATE TABLE DormRooms (
    dorm_room_id INT PRIMARY KEY,
    room_number INT
);

Here, each student is assigned one dorm room, and each dorm room is assigned to one student.

2. One-to-Many (1:N) Relationship

In a one-to-many relationship, each record in the first table can be associated with multiple records in the second table, but each record in the second table is associated with only one record in the first table. Consider the relationship between Departments and Professors:

CREATE TABLE Departments (
    department_id INT PRIMARY KEY,
    department_name VARCHAR(50)
);

CREATE TABLE Professors (
    professor_id INT PRIMARY KEY,
    professor_name VARCHAR(50),
    department_id INT,
    FOREIGN KEY (department_id) REFERENCES Departments(department_id)
);

In this case, each department can have multiple professors, but each professor is associated with only one department.

3. Many-to-Many (N:N) Relationship

In a many-to-many relationship, multiple records in the first table can be associated with multiple records in the second table, and vice versa. Consider the relationship between Students and Courses:

CREATE TABLE Students (
    student_id INT PRIMARY KEY,
    student_name VARCHAR(50)
);

CREATE TABLE Courses (
    course_id INT PRIMARY KEY,
    course_name VARCHAR(50)
);

CREATE TABLE StudentCourses (
    student_id INT,
    course_id INT,
    PRIMARY KEY (student_id, course_id),
    FOREIGN KEY (student_id) REFERENCES Students(student_id),
    FOREIGN KEY (course_id) REFERENCES Courses(course_id)
);

In this scenario, many students can enroll in multiple courses, and each course can have multiple students.

Understanding these cardinality relationships is essential for designing robust and efficient relational databases, ensuring the integrity and consistency of data across tables.

Understanding MVC vs MVVM: Choosing the Right Architectural Pattern for Web Development

November 12, 2023 / / 0 Comments

When it comes to developing web applications, choosing the right architectural pattern is crucial for building scalable, maintainable, and efficient systems. Two popular patterns in the realm of front-end development are MVC (Model-View-Controller) and MVVM (Model-View-ViewModel). In this article, we'll delve into the characteristics of each pattern and explore their differences to help you make an informed decision based on your project requirements.

MVC (Model-View-Controller)

Overview:

MVC is a time-tested architectural pattern that separates an application into three interconnected components:

  1. Model:
    • Represents the application's data and business logic.
    • Manages the state and behavior of the application.
  2. View:
    • Displays the data to the user.
    • Handles user input and forwards it to the controller.
  3. Controller:
    • Manages user input.
    • Updates the model based on user actions.
    • Refreshes the view to reflect changes in the model.

Advantages:

  • Separation of Concerns: Clear separation between data (model), user interface (view), and user input (controller) simplifies development and maintenance.
  • Reusability: Components can be reused in different parts of the application.

Disadvantages:

  • Complexity: In large applications, the strict separation can lead to complex interactions between components.
  • Tight Coupling: Changes in one component may require modifications in others, leading to tight coupling.

MVVM (Model-View-ViewModel)

Overview:

MVVM is an architectural pattern that evolved from MVC and is particularly prevalent in frameworks like Microsoft's WPF and Knockout.js. It introduces a new component, the ViewModel:

  1. Model:
    • Represents the application's data and business logic.
  2. View:
    • Displays the data to the user.
    • Handles user input.
  3. ViewModel:
    • Binds the view and the model.
    • Handles user input from the view.
    • Updates the model and, in turn, updates the view.

Advantages:

  • Data Binding: Automatic synchronization between the view and the model simplifies code and reduces boilerplate.
  • Testability: ViewModel can be unit tested independently, enhancing overall testability.

Disadvantages:

  • Learning Curve: Developers unfamiliar with the pattern may face a learning curve.
  • Overhead: In simpler applications, MVVM might introduce unnecessary complexity.

Choosing the Right Pattern:

Use MVC When:

  • Simplicity is Key: For smaller applications or projects with less complex UI requirements, MVC might be a more straightforward choice.
  • Experience: When the development team is already experienced with MVC.

Use MVVM When:

  • Data-Driven Applications: In scenarios where automatic data binding and a reactive approach are beneficial, such as in single-page applications.
  • Frameworks Support MVVM: If you are using a framework that inherently supports MVVM, like Angular or Knockout.js.

Conclusion:

Both MVC and MVVM have their merits, and the choice between them depends on the specific needs of your project. MVC provides a clear separation of concerns, while MVVM excels in data-driven applications with its powerful data-binding capabilities. Understanding the strengths and weaknesses of each pattern will empower you to make an informed decision that aligns with your project goals and team expertise.

Using the Windows Runas Command: Run Programs with Different User Credentials and Domains

November 12, 2023 / / 0 Comments

The runas command in Windows is a versatile tool that allows you to run programs with different user credentials, making it valuable for administrative tasks and situations requiring elevated privileges. Additionally, the command can be used to run programs with credentials from different domains, and the /netonly parameter provides a focused approach for accessing remote resources with distinct credentials.

Running Programs with Different User Credentials

To run a program with different user credentials, follow these steps:

  1. Open Command Prompt: Press Win + R, type "cmd," and press Enter to open the Command Prompt.

  2. Use runas: Enter the following command, replacing <username> with the desired username and "<program_path>" with the program's path:

    runas /user:<username> "<program_path>"

  3. Password Prompt: After entering the command, you will be prompted to enter the password for the specified user.

  4. Run Program: Once you enter the correct password, the program will run with the credentials of the specified user.

For example:

runas /user:Administrator "C:\Windows\System32\cmd.exe"

This command runs the Command Prompt as the Administrator user.

Running Programs with Different User Credentials from a Different Domain

To run a program with different user credentials from a different domain, use the following syntax:

runas /user:<domain>\<username> "<program_path>"
  • <domain>: Replace this with the domain name where the user account is located.
  • <username>: Replace this with the username of the account you want to use.
  • "<program_path>": Replace this with the full path to the program you want to run.

For example:

runas /user:ExampleDomain\User1 "C:\Path\To\Program.exe"

This command prompts for the password of the specified domain user and runs the program with those credentials.

Ensure you have the necessary permissions, network connectivity, and correct domain and username format for running programs across different domains.

Running Programs with Different User Credentials Using /netonly

The /netonly parameter allows you to run a program with different user credentials specifically for accessing remote resources. Use the following syntax:

runas /netonly /user:<domain>\<username> "<program_path>"
  • <domain>: Replace this with the domain name where the user account is located.
  • <username>: Replace this with the username of the account you want to use.
  • "<program_path>": Replace this with the full path to the program you want to run.

For example:

runas /netonly /user:ExampleDomain\User1 "C:\Path\To\Program.exe"

When using /netonly, the specified program runs with the specified user credentials only for network connections. Local resources and interactions continue to use the credentials of the currently logged-in user.

This feature is beneficial when accessing resources on a different domain or using different credentials for a specific task without affecting the local user session.

Remember to provide the correct domain, username, and program path for your specific scenario. The /netonly parameter enhances the flexibility of the runas command, making it a valuable tool for managing credentials in diverse network environments.

Understanding the Distinction: Programmer vs. Scriptwriter

November 6, 2023 / / 0 Comments

In the realm of software development, the roles of programmers and scriptwriters are distinct, each with its unique set of responsibilities and objectives. Let's delve into the key disparities between these two roles to gain a better understanding of their respective contributions to the world of code.

The Programmer:

A programmer is a professional who specializes in the development of computer programs and software applications. Their primary responsibilities revolve around creating and designing intricate pieces of software. Here are some defining characteristics of a programmer's role:

1. Software Development:

  • Programmers are tasked with building software applications that can range from standalone desktop applications to web-based services and even system-level software.
  • They work with a wide array of programming languages, each suited for different purposes, and often have expertise in multiple languages.

2. Algorithm and Data Structures:

  • A significant part of a programmer's work involves designing complex algorithms and data structures. This is crucial for efficient data processing and problem-solving within software.
  • Programmers focus on optimizing the performance and functionality of the software they create.

3. Diverse Responsibilities:

  • Programmers are involved in various aspects of software development, including coding, debugging, testing, and maintaining large and intricate codebases.
  • They may collaborate with other team members, such as software architects, to bring the project to fruition.

The Scriptwriter:

In the context of software development, a scriptwriter typically refers to an individual who writes scripts to automate specific tasks or processes. These scripts are usually smaller in scope compared to full-fledged software applications. Here's what you need to know about the role of a scriptwriter:

1. Task Automation:

  • Scriptwriters use scripting languages like Python, Bash, or JavaScript to create scripts that automate repetitive or routine tasks.
  • The primary aim is to streamline and simplify processes by writing code that can perform these tasks more efficiently than manual intervention.

2. Focused Scope:

  • Unlike programmers, scriptwriters work with smaller-scale projects. They are not typically involved in developing complete software applications but instead concentrate on automating specific functions.

3. Process Enhancement:

  • Scriptwriters are valuable for enhancing workflow and increasing productivity. They may write scripts for tasks such as file manipulation, data extraction, or system administration.

Conclusion:

In conclusion, while both programmers and scriptwriters deal with code, they have distinctive roles within the realm of software development. Programmers focus on creating complex and extensive software applications, whereas scriptwriters specialize in writing scripts to automate particular tasks or processes. Both roles are vital in the world of technology, with programmers driving software innovation and scriptwriters making everyday processes more efficient. Understanding the difference between these roles can help organizations effectively allocate resources and talents for their software development projects.

Categorizing Programmers Based on Thinking Time

November 4, 2023 / / 0 Comments

Programming is a multifaceted field with a wide range of approaches, and one way to categorize programmers is based on their thinking time, particularly the time spent on research versus time spent on solving problems. This categorization can provide insights into how programmers approach their work and the strategies they employ.

Research-Driven Programmers:

Some programmers prioritize in-depth research before diving into coding. They invest a significant amount of time in gathering information, understanding the problem domain, and exploring potential solutions. Key characteristics of research-driven programmers include:

  • Thorough Understanding: They seek a deep and comprehensive understanding of the problem and its context before writing a single line of code.
  • Well-Planned Solutions: Research-driven programmers tend to create well-thought-out solutions based on the information they've gathered, leading to robust and efficient code.
  • Reduced Debugging Time: Their thorough research often results in fewer unexpected issues during the coding process, reducing debugging time in the long run.

Problem-Solving Oriented Programmers:

On the opposite end of the spectrum are programmers who prioritize problem-solving over extensive research. They prefer to jump right into solving the problem and may learn as they go. Key characteristics of problem-solving oriented programmers include:

  • Quick Start: They are keen to start coding and solving problems immediately, often favoring a more agile approach.
  • Adaptive Learning: Problem-solving programmers learn as they encounter specific challenges, adapting their solutions as needed.
  • Iterative Development: They may engage in iterative development, continuously reassessing and adjusting their approach based on immediate coding challenges.

Balanced Programmers:

Many programmers strike a balance between research and problem-solving. They allocate time for research to grasp the problem context but are also efficient in implementing solutions. These balanced programmers have the flexibility to adapt to different situations and projects.

Iterative Programmers and Agile Practitioners:

Some programmers may oscillate between research and problem-solving iteratively. They start with research, work on parts of the problem, and then return to research as they encounter specific challenges. Agile practitioners, in particular, focus on quick iterations and working software, continually adapting as they progress.

In summary, categorizing programmers based on their thinking time can help us understand their working styles and preferences. It's important to note that a well-rounded programmer can adapt their thinking approach as needed for the task at hand, demonstrating versatility in research, problem-solving, and coding expertise. The choice between these approaches depends on the programmer's familiarity with the technology, the complexity of the problem, and the project's requirements.

Code Assemblers vs. Knowledge-Based Coders

November 4, 2023 / / 0 Comments

Programmers come in various flavors, each with their own distinct coding approach. One notable distinction is between those who primarily assemble code from online resources like Stack Overflow and those who prefer to write code based on their existing knowledge. Let's delve into the characteristics of these two groups and the implications of their coding styles.

Code Assemblers:

Programmers in this category are known for their propensity to quickly search for code solutions to problems on platforms like Stack Overflow. They rely heavily on copying and pasting code snippets they find online. Here are some key characteristics of code assemblers:

  • Pragmatic Problem Solvers: Code assemblers prioritize getting things done quickly and efficiently. They are often driven by project deadlines and immediate results.
  • Limited Understanding: While they may solve problems effectively, code assemblers may have limited understanding of the code they incorporate into their projects. This can lead to challenges in maintaining and troubleshooting their code.
  • Risk of Copy-Paste Errors: Relying on external code without fully comprehending it can result in errors that are difficult to detect and fix. This can have long-term implications for the quality and stability of their software.

Knowledge-Based Coders:

In contrast, knowledge-based coders prefer to write code based on their existing understanding and expertise. They are more likely to create custom solutions that are tailored to the specific requirements of the project. Here are some key characteristics of knowledge-based coders:

  • In-Depth Understanding: Knowledge-based coders have a deep understanding of the technologies and frameworks they work with. They leverage their expertise to craft solutions from scratch.
  • Customized Solutions: They prioritize writing code that is optimized for the project's needs. This can lead to more efficient and maintainable software.
  • Long-Term Benefits: Knowledge-based coders are often better equipped to handle long-term maintenance and updates of their code, as they have a full grasp of how it works.

Hybrid Coders:

It's worth noting that many programmers fall somewhere in between these two extremes. Hybrid coders combine their existing knowledge with code snippets and solutions they find online. They use external resources as references and starting points but still take the time to understand and adapt the code to fit the specific needs of their projects.

In conclusion, the choice between assembling code from external sources and coding from existing knowledge depends on various factors, including the project's requirements, the programmer's experience level, and the technology being used. While using code from online sources can be a valuable resource, a deep understanding of the code is crucial for ensuring the long-term success and maintainability of software projects.

Qualities of Production-Grade Object-Oriented Programming (OOP) Code

October 28, 2023 / / 0 Comments

In the world of software development, creating code is just one part of the journey. Writing code that is not only functional but also maintainable, scalable, and robust is the ultimate goal. Object-Oriented Programming (OOP) is a widely adopted paradigm for achieving these goals. Let's explore the essential qualities that define production-grade OOP code.

1. Modularity

Modularity is at the core of OOP. It involves organizing code into classes and modules, promoting the separation of concerns. Each class should have a well-defined purpose, making it easy to understand and modify independently.

2. Encapsulation

Encapsulation is the concept of bundling data and methods within classes while controlling access through well-defined interfaces. This approach prevents unintended interference and helps maintain code integrity.

3. Abstraction

Abstraction is about abstracting complex systems into simpler, high-level concepts. Use abstract classes and interfaces to define common behavior and contracts for subclasses, making code more manageable.

4. Inheritance

Inheritance, when used judiciously, promotes code reuse. However, it should follow the "is-a" relationship and avoid deep class hierarchies to prevent complexity and tight coupling.

5. Polymorphism

Polymorphism allows for flexibility in handling different objects. It can be achieved through method overriding and interfaces, enabling code to work with various subclasses.

6. SOLID Principles

Adhering to the SOLID principles (Single Responsibility, Open-Closed, Liskov Substitution, Interface Segregation, and Dependency Inversion) ensures code is well-structured, maintainable, and extensible.

7. Error Handling

Proper error handling should be implemented to manage exceptions and errors gracefully, preventing crashes and data corruption.

8. Testing

Code should be thoroughly tested, with unit tests for individual components and integration tests to ensure different parts of the system work together correctly.

9. Documentation

Documentation is crucial for making code understandable for other developers. This includes documenting class interfaces, methods, and any complex algorithms.

10. Performance

Code should be optimized for performance without compromising readability. Profiling tools and best practices should be employed to identify and address bottlenecks.

11. Design Patterns

Knowledge of design patterns can help solve common problems in a structured and proven way, improving code maintainability.

12. Version Control

Using version control systems (e.g., Git) is crucial for tracking changes, collaborating with others, and ensuring code can be rolled back in case of issues.

13. Code Reviews

Regular code reviews by peers can help identify issues, improve code quality, and share knowledge among the development team.

14. Security

Implement security best practices to protect against common vulnerabilities, such as SQL injection, cross-site scripting, and data exposure.

15. Scalability

Design code with scalability in mind, allowing it to handle increased loads and data volume. This might involve architectural choices, such as microservices or a scalable database design.

16. Maintainability

Code should be easy to maintain over time, involving adherence to coding standards, clean and self-explanatory code, and keeping dependencies up-to-date.

17. Exception Handling

Effective handling of exceptions and errors is crucial to prevent unexpected crashes or data corruption.

18. Resource Management

Properly manage resources like database connections, file handles, and memory to avoid leaks or performance issues.

19. Logging and Monitoring

Implement logging and monitoring to track the behavior of the code in production, aiding in debugging and issue identification.

20. Internationalization and Localization

If applicable, make the code ready for internationalization (i18n) and localization (l10n) to support different languages and regions.

Remember that the specific requirements for production-grade OOP code can vary depending on the project and its context. Tailor your approach to meet the needs of the application and its users. By adhering to these qualities, you'll be well on your way to creating code that is both functional and maintainable in a production environment.

This article summarizes the key qualities that define production-grade OOP code, offering a comprehensive guide for developers aiming to write software that stands the test of time.

Generating and Validating JWT Tokens in Java using PEM

October 19, 2023 / / 0 Comments

JSON Web Tokens (JWT) are a popular way to secure communication between parties using digitally signed tokens. In this article, we will explore how to generate and validate JWT tokens in Java using PEM (Privacy Enhanced Mail) files. PEM files are commonly used to store cryptographic keys and certificates.

Generate JWT Token

In this section, we'll walk through how to generate a JWT token in Java using a private key stored in a PEM file.

Setting up the Environment

Before we proceed, make sure you have the following prerequisites:

  1. Java Development Kit (JDK) installed on your system.
  2. A PEM file containing a private key (referred to as <PRIVATE_KEY_PEM>).

Code Implementation

We'll use Java to create a JWT token. Here's the code for generating a JWT token:

import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.UUID;

public class GenerateJWTSignedByPEM {

    public static void main(final String ... args) throws Exception {
        // Load the private key and certificate
        final var privateKeyPEM = """
                <PRIVATE_KEY_PEM>              
                """;

        final var privateKey = getPrivateKeyFromPEM(privateKeyPEM);

        // Create JWT claims
        final var subject = "user123";
        final var issuer = "yourapp.com";
        final var expirationTimeMillis = System.currentTimeMillis() + 3600 * 1000; // 1 hour
        final var jwtID = UUID.randomUUID().toString();

        // Build JWT claims
        final var jwtHeader = "{\"alg\":\"RS256\",\"typ\":\"JWT\"}";
        final var jwtClaims = "{\"sub\":\"" + subject + "\",\"iss\":\"" + issuer + "\",\"exp\":" + expirationTimeMillis + ",\"jti\":\"" + jwtID + "\"}";

        // Base64Url encode the JWT header and claims
        final var base64UrlHeader = base64UrlEncode(jwtHeader.getBytes());
        final var base64UrlClaims = base64UrlEncode(jwtClaims.getBytes());

        // Combine header and claims with a period separator
        final var headerClaims = base64UrlHeader + "." + base64UrlClaims;

        // Sign the JWT
        final var signature = signWithRSA(headerClaims, privateKey);

        // Combine the JWT components
        final var jwtToken = headerClaims + "." + signature;

        System.out.println("JWT Token: " + jwtToken);
    }

    // Helper function to load a PrivateKey from PEM format
    private static PrivateKey getPrivateKeyFromPEM(String privateKeyPEM) throws Exception {
        privateKeyPEM = privateKeyPEM.replace("-----BEGIN PRIVATE KEY-----", "")
                .replace("-----END PRIVATE KEY-----", "")
                .replaceAll("\\s+", "");

        final var privateKeyBytes = Base64.getDecoder().decode(privateKeyPEM);

        final var keyFactory = KeyFactory.getInstance("RSA");
        final var keySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
        return keyFactory.generatePrivate(keySpec);
    }

    // Base64 URL encoding
    private static String base64UrlEncode(final byte[] data) {
        return Base64.getUrlEncoder().withoutPadding().encodeToString(data);
    }

    // Sign the JWT using RSA
    private static String signWithRSA(final String data, final PrivateKey privateKey) throws Exception {
        final var signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(data.getBytes());
        final var signatureBytes = signature.sign();
        return base64UrlEncode(signatureBytes);
    }
}

Here's a breakdown of the code:

  1. We load the private key from the PEM file.
  2. Create JWT claims, including subject, issuer, expiration time, and a unique JWT ID.
  3. Base64Url encode the JWT header and claims.
  4. Combine the header and claims with a period separator.
  5. Sign the JWT using the private key.
  6. Combine all the JWT components to get the final JWT token.

Make sure to replace <PRIVATE_KEY_PEM> with the actual content of your private key PEM file.

Validate JWT Token

In this section, we'll learn how to validate a JWT token using a public certificate stored in a PEM file.

Setting up the Environment

Ensure you have the following prerequisites:

  1. Java Development Kit (JDK) installed on your system.
  2. A PEM file containing a public certificate (referred to as <PUBLIC_CERT_PEM>).
  3. A JWT token you want to validate (referred to as <JWT_TOKEN>).

Code Implementation

We'll use Java to validate a JWT token. Here's the code:

import java.io.ByteArrayInputStream;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Base64;

public class ValidateJWTSignedByPEM {
    public static void main(final String ... args) throws Exception {

        // The JWT token to validate.
        final var jwtToken = "<JWT_TOKEN>";

        // Load the X.509 certificate
        final var certificatePEM = """
                <PUBLIC_CERT_PEM>              
                """;

        final var certificate = getCertificateFromPEM(certificatePEM);

        // Parse JWT components
        final var jwtParts = jwtToken.split("\\.");
        if (jwtParts.length != 3) {
            System.out.println("Invalid JWT format");
            return;
        }

        // Decode and verify the JWT signature
        final var base64UrlHeader = jwtParts[0];
        final var base64UrlClaims = jwtParts[1];
        final var signature = jwtParts[2];

        // Verify the signature
        if (verifySignature(base64UrlHeader, base64UrlClaims, signature, certificate.getPublicKey())) {
            System.out.println("JWT signature is valid");
        } else {
            System.out.println("JWT signature is invalid");
        }
    }

    private static X509Certificate getCertificateFromPEM(String certificatePEM) throws Exception {
        certificatePEM = certificatePEM.replace("-----BEGIN CERTIFICATE-----", "")
                .replace("-----END CERTIFICATE-----", "")
                .replaceAll("\\s+", "");

        final var certificateBytes = Base64.getDecoder().decode(certificatePEM);

        final var certificateFactory = java.security.cert.CertificateFactory.getInstance("X.509");
        return (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(certificateBytes));
    }

    private static boolean verifySignature(final String base64UrlHeader, final String base64UrlClaims, final String signature, final PublicKey publicKey) throws Exception {
        final var signedData = base64UrlHeader + "." + base64UrlClaims;
        final var signatureBytes = Base64.getUrlDecoder().decode(signature);

        final var verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(publicKey);
        verifier.update(signedData.getBytes());

        return verifier.verify(signatureBytes);
    }
}

Here's how the code works:

  1. Load the JWT token and public certificate from their respective PEM files.
  2. Parse the JWT token into its components: header, claims, and signature.
  3. Verify the signature by re-signing the header and claims and comparing it with the provided signature.

Replace <PUBLIC_CERT_PEM> and <JWT_TOKEN> with the actual content of your public certificate PEM file and the JWT token you want to validate.

Summary

In this article, we've explored how to generate and validate JWT tokens in Java using PEM files. This approach allows you to secure your applications by creating and verifying digitally signed tokens. Make sure to keep your private keys and certificates secure, as they are crucial for the security of your JWT-based authentication system.

Related Topic

Generating a Self-signed CA Certificate for JSON Web Token (JWT) in Java

« Older posts Newer posts »

© 2025 Ron and Ella Wiki Page

Theme by Anders NorenUp ↑