Tried to use signWith(), with algo override, but it ends up error it can't detect the method, as on the docs.

[benyaminl]

I have problem, I can't even change/override the crypt signer type using new method provided in new jwts. (https://github.com/jwtk/jjwt#signaturealgorithm-override), I'm having JDK 17 on Ubuntu 22.04. (I just hope this isn't silly mistake, hopefully I'm wrong, and It's silly mistake.. )

This is my dependency (it's spring boot project)

dependencies {
	// This is for JWT, this is bigger than auth0 JWT.io implementtaion
	// https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-api
	implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: '0.12.3'
	// https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-impl
	runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-impl', version: '0.12.3'
	// https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-jackson
	runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: '0.12.3'
}

This is the code snippet (part of the service), the secret is irelevant because it's quite a copy paste from the https://www.geeksforgeeks.org/spring-boot-3-0-jwt-authentication-with-spring-security-using-mysql-database/ (step 7, but I don't use same dependency, the newer dependency, new method provided by ver 0.12.3).

    public static final String SECRET = "5367566B59703373367639792F423F4528482B4D6251655468576D5A71347437"; 
    public String generateToken(String userName) { 
        Map<String, Object> claims = new HashMap<>(); 
        return createToken(claims, userName); 
    } 
  
    private String createToken(Map<String, Object> claims, String userName) { 
        return Jwts.builder() 
                .claims().add(claims)
                .subject(userName)
                .issuedAt(new Date(System.currentTimeMillis())) 
                .expiration(new Date(System.currentTimeMillis() + 1000 * 60 * 30)) 
                .and()
                // .signWith(getSignKey())
                .signWith(getSignKey(), Jwts.SIG.HS256)
                .compact(); 
    } 
  
    private Key getSignKey() { 
        // byte[] keyBytes = Decoders.BASE64.decode(SECRET); 
        // return Keys.hmacShaKeyFor(keyBytes); 
        return SIG.HS256.key().build();
    } 

And in build and in VS Code this error occured :

/home/ben/Code/spring-boot/initial/src/main/java/id/salt/restservice/Services/JwtService.java:34: error: no suitable method found for signWith(Key,MacAlgorithm)
                .signWith(getSignKey(), Jwts.SIG.HS256)

vs code

The method signWith(Key, SignatureAlgorithm) in the type JwtBuilder is not applicable for the arguments (Key, MacAlgorithm)Java(67108979)

I'm quite confused here. Any pointer really appreciated. Thank you

[benyaminl]

God, for real... this is silly mistake?

I only need to change the interface from Key to SecretKey (as per docs on the method getSignKey()), and it just works?

    private SecretKey getSignKey() { 

Does that mean on the method signWith

<K extends Key> JwtBuilder signWith(K key, SecureDigestAlgorithm<? super K, ?> alg) throws InvalidKeyException;

require us to use extension of Key? like the explanation of https://stackoverflow.com/questions/8537500/java-the-meaning-of-t-extends-comparablet#comment10577175_8537500 ?

I'm confused tbh... (this is the first time I see this kind of generics, even in C# I'm never seen this, tbh...)

[lhazlewood]

The generics signature ensures that the type of key you are providing as the key argument is the type supported by the SecureDigestAlgorithm instance. This prevents using, say, a generic Key with an algorithm that requires a SecretKey, or, for example, using a PublicKey when the algorithm requires a PrivateKey. Hopefully that makes sense!