0
0
Spring Bootframework~20 mins

JWT generation in Spring Boot - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
JWT Mastery in Spring Boot
Get all challenges correct to earn this badge!
Test your skills under time pressure!
component_behavior
intermediate
2:00remaining
What is the output of this JWT generation snippet?

Consider this Spring Boot code that generates a JWT token. What will be the value of token after execution?

Spring Boot
String token = Jwts.builder()
  .setSubject("user123")
  .setIssuedAt(new Date())
  .setExpiration(new Date(System.currentTimeMillis() + 60000))
  .signWith(Keys.hmacShaKeyFor("mysecretkeymysecretkeymysecretkey12".getBytes()), SignatureAlgorithm.HS256)
  .compact();
AA valid JWT string with header, payload containing subject 'user123', and signature
BA plain string 'user123' without any JWT structure
CThrows a runtime exception due to invalid key length
DAn empty string because expiration is set in the past
Attempts:
2 left
💡 Hint

Look at the signWith method and the key length used.

📝 Syntax
intermediate
2:00remaining
Which option correctly fixes the syntax error in this JWT builder code?

Identify the correct fix for the syntax error in this JWT generation snippet:

Jwts.builder()
  .setSubject("user")
  .signWith(Keys.hmacShaKeyFor("secretkeysecretkeysecretkey12".getBytes())
  .compact();
ARemove the .compact() call at the end
BAdd a closing parenthesis after getBytes(): .signWith(Keys.hmacShaKeyFor("secretkeysecretkeysecretkey12".getBytes()))
CChange .setSubject("user") to .setSubject(user)
DReplace Keys.hmacShaKeyFor with new SecretKeySpec
Attempts:
2 left
💡 Hint

Count the parentheses carefully.

🔧 Debug
advanced
2:00remaining
Why does this JWT generation code throw an InvalidKeyException?

Examine this code snippet:

byte[] keyBytes = "shortkey".getBytes();
SecretKey key = Keys.hmacShaKeyFor(keyBytes);
String token = Jwts.builder()
  .setSubject("admin")
  .signWith(key, SignatureAlgorithm.HS256)
  .compact();

Why does it throw an InvalidKeyException?

AThe key length is too short for HS256 algorithm
BThe subject 'admin' is not allowed in JWT
CThe SignatureAlgorithm HS256 is deprecated
DThe getBytes() method returns null
Attempts:
2 left
💡 Hint

Check the required key length for HMAC SHA-256.

state_output
advanced
2:00remaining
What is the expiration time of the generated JWT token?

Given this code snippet:

long now = System.currentTimeMillis();
String token = Jwts.builder()
  .setSubject("user")
  .setIssuedAt(new Date(now))
  .setExpiration(new Date(now + 300000))
  .signWith(Keys.hmacShaKeyFor("mysecretkeymysecretkeymysecretkey12".getBytes()), SignatureAlgorithm.HS256)
  .compact();

How long is the token valid after issuance?

A30 seconds
B1 hour
C5 minutes
DNo expiration set
Attempts:
2 left
💡 Hint

Look at the value added to now for expiration.

🧠 Conceptual
expert
3:00remaining
Which option best explains why JWT tokens are stateless in Spring Boot applications?

Why are JWT tokens considered stateless when used for authentication in Spring Boot?

ABecause JWT tokens require server memory to track each token's state
BBecause Spring Boot stores JWT tokens in a centralized database
CBecause JWT tokens expire immediately after creation
DBecause all user information and claims are stored inside the token itself, no server-side session is needed
Attempts:
2 left
💡 Hint

Think about where the user data lives when using JWT.