use of org.springframework.security.jwt.Jwt in project CzechIdMng by bcvsolutions.
the class TestAppAuthenticationFilter method authorize.
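/**
 * Authenticates the request from a JWT and stores the result in the Spring security context.
 *
 * <p>The method fails closed: a missing token, a token rejected by
 * {@code verifyTokenAndGetClaims}, a token without a user-name claim, or a user name that
 * does not resolve to an identity all yield {@code false} and leave the security context
 * untouched.
 *
 * @param token raw token string to parse
 * @param request current request; its servlet path decides whether authorities are loaded
 * @param response current response (not used by this method)
 * @return {@code true} when an authentication was stored in the security context,
 *         {@code false} otherwise
 */
@Override
public boolean authorize(String token, HttpServletRequest request, HttpServletResponse response) {
    try {
        Optional<Jwt> jwt = HttpFilterUtils.parseToken(token);
        if (!jwt.isPresent()) {
            return false;
        }
        // Claims are read only after verifyTokenAndGetClaims has accepted the token.
        Map<String, Object> claims = verifyTokenAndGetClaims(jwt.get());
        String userName = (String) claims.get(HttpFilterUtils.JWT_USER_NAME);
        if (userName == null) {
            // A verified token without a subject must not authenticate anybody.
            return false;
        }
        IdmIdentityDto identity = identityService.getByUsername(userName);
        if (identity == null) {
            // Without this guard, a path that grants no authorities would store an
            // authentication with a null identity and report success.
            // NOTE(review): assumes getByUsername returns null for an unknown user - confirm.
            return false;
        }
        // Left null on purpose - original author's note: "not important - either new
        // refreshed token or data are returned to user".
        // NOTE(review): token lifetime then has to be enforced inside
        // verifyTokenAndGetClaims; that is not visible from this method - confirm.
        DateTime expiration = null;
        Collection<GrantedAuthority> authorities;
        if (shouldGrantAuthoritiesForPath(request.getServletPath())) {
            authorities = grantedAuthoritiesFactory.getGrantedAuthoritiesForIdentity(identity.getId());
        } else {
            // Paths outside the granted set get an authenticated principal with no authorities.
            authorities = new ArrayList<>();
        }
        IdmJwtAuthentication ija = new IdmJwtAuthentication(identity, expiration, authorities, EntityUtils.getModule(this.getClass()));
        SecurityContextHolder.getContext().setAuthentication(ija);
        return true;
    } catch (Exception e) {
        // Any failure while parsing or verifying is treated as "not authorized".
        // NOTE(review): the stack trace goes to stderr; route it through the project
        // logger so rejected tokens show up in the normal log/audit stream.
        e.printStackTrace();
    }
    return false;
}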
use of org.springframework.security.jwt.Jwt in project CzechIdMng by bcvsolutions.
the class ExtendExpirationFilterTest method getIdmJwtDto.
/**
 * Extracts the authentication token from the response header of an MVC call, checks its
 * signature and maps its claims to a DTO.
 *
 * @param result MVC result whose response carries the token header
 * @return claims of the returned token as {@link IdmJwtAuthenticationDto}
 * @throws IOException declared by the method; presumably raised while mapping the claims
 */
private IdmJwtAuthenticationDto getIdmJwtDto(MvcResult result) throws IOException {
    final String headerToken = result.getResponse().getHeader(JwtAuthenticationMapper.AUTHENTICATION_TOKEN_NAME);
    Assert.assertNotNull(headerToken);
    final Jwt token = JwtHelper.decode(headerToken);
    // decode() alone does not check the signature; verify before the claims are mapped.
    token.verifySignature(jwtMapper.getVerifier());
    return jwtMapper.getClaims(token);
}
use of org.springframework.security.jwt.Jwt in project faf-java-server by FAForever.
the class UserService method login.
/**
 * Decodes the given JWT, verifies its signature with {@code macSigner} and reads the
 * user-id claim.
 *
 * <p>The visible code stops there: neither {@code uniqueId} nor the extracted user id is
 * used yet, and the earlier username/password flow is kept below as commented-out code.
 *
 * <p>NOTE(review): {@code JwtHelper.decodeAndVerify} checks the signature; no expiry or
 * other claim validation is visible in this method - confirm it happens before the
 * claims are trusted.
 *
 * @param uniqueId client-supplied unique id (currently unused)
 * @param jwtString serialized JWT presented by the client
 */
@SneakyThrows
@SuppressWarnings("unchecked")
public void login(String uniqueId, String jwtString) {
    final Jwt verifiedToken = JwtHelper.decodeAndVerify(jwtString, macSigner);
    final Map<String, Object> tokenClaims = objectMapper.readValue(verifiedToken.getClaims(), Map.class);
    final Object userId = tokenClaims.get(KEY_USER_ID);

    // Disabled legacy username/password login flow, kept for reference:
    // Requests.verify(!playerService.isPlayerOnline(loginRequest.getLogin()), ErrorCode.USER_ALREADY_CONNECTED, loginRequest.getLogin());
    // log.debug("Processing login request from user: {}", loginRequest.getLogin());
    // try {
    //   UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(loginRequest.getLogin(), loginRequest.getPassword());
    //
    //   Authentication authentication = authenticationManager.authenticate(token);
    //   FafUserDetails userDetails = (FafUserDetails) authentication.getPrincipal();
    //
    //   clientConnection.setAuthentication(authentication);
    //   Player player = userDetails.getPlayer();
    //   player.setClientConnection(clientConnection);
    //   geoIpService.lookupCountryCode(clientConnection.getClientAddress()).ifPresent(player::setCountry);
    //
    //   uniqueIdService.verify(player, loginRequest.getUniqueId());
    //   chatService.updateIrcPassword(userDetails.getUsername(), loginRequest.getPassword());
    //
    //   eventPublisher.publishEvent(new PlayerOnlineEvent(this, player));
    // } catch (BadCredentialsException e) {
    //   throw new RequestException(e, ErrorCode.INVALID_LOGIN);
    // }
}
use of org.springframework.security.jwt.Jwt in project sw360portal by sw360.
the class IntegrationTestBase method checkJwtClaims.
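/**
 * Asserts that a token-endpoint response is {@code 200 OK}, carries an access token, and
 * that the token's claims have the expected audience, client id, single scope and authority.
 *
 * <p>The token is only decoded here, not signature-checked: this helper inspects what the
 * server issued and must not be read as a validation routine.
 *
 * @param responseEntity response of the token request
 * @param expectedAuthority authority expected as the first entry of the {@code authorities} claim
 * @return the parsed claims, for further assertions by the caller
 * @throws IOException if the response body or the claims are not valid JSON
 */
protected JsonNode checkJwtClaims(ResponseEntity<String> responseEntity, String expectedAuthority) throws IOException {
    // Hamcrest expects (actual, matcher(expected)); the reversed order produced a
    // misleading failure message.
    assertThat(responseEntity.getStatusCode(), is(HttpStatus.OK));

    ObjectMapper mapper = new ObjectMapper();
    JsonNode responseBodyJsonNode = mapper.readTree(responseEntity.getBody());
    assertThat(responseBodyJsonNode.has("access_token"), is(true));
    String accessToken = responseBodyJsonNode.get("access_token").asText();

    // decode() parses the token without verifying its signature.
    Jwt jwt = JwtHelper.decode(accessToken);
    JsonNode jwtClaimsJsonNode = mapper.readTree(jwt.getClaims());

    // path() yields a missing node instead of null, so an absent claim fails the
    // assertion with a readable message rather than a NullPointerException.
    assertThat(jwtClaimsJsonNode.path("aud").path(0).asText(), is("sw360-REST-API"));
    assertThat(jwtClaimsJsonNode.path("client_id").asText(), is("trusted-sw360-client"));

    JsonNode scopeNode = jwtClaimsJsonNode.path("scope");
    assertThat(scopeNode.path(0).asText(), is("all"));
    // Exactly one scope: the token must not carry more than was asked for.
    assertThat(scopeNode.size(), is(1));

    JsonNode authoritiesJsonNode = jwtClaimsJsonNode.path("authorities");
    assertThat(authoritiesJsonNode.path(0).asText(), is(expectedAuthority));
    return jwtClaimsJsonNode;
}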
use of org.springframework.security.jwt.Jwt in project cloudbreak by hortonworks.
the class CachedRemoteTokenService method getSSOAuthentication.
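/**
 * Builds an {@link OAuth2Authentication} from an SSO JWT after verifying its signature.
 *
 * <p>The {@code user} and {@code exp} claims are required; the user's {@code email} is used
 * as both {@code user_id} and {@code user_name}. A token that lacks a required claim or
 * carries a non-numeric {@code exp} is rejected with {@link InvalidTokenException} instead of
 * escaping as a {@code NullPointerException} or {@code NumberFormatException}.
 *
 * @param accessToken serialized JWT
 * @return the authentication extracted from the token; may be {@code null} when the
 *         converter produces none
 * @throws InvalidTokenException if the claims cannot be parsed, a required claim is
 *         missing or malformed, or the token has expired
 */
private OAuth2Authentication getSSOAuthentication(String accessToken) {
    try {
        // The verifier type is chosen from the configured key, not from anything in the token.
        SignatureVerifier verifier = isAssymetricKey(jwtSignKey) ? new RsaVerifier(jwtSignKey) : new MacSigner(jwtSignKey);
        Jwt jwt = JwtHelper.decodeAndVerify(accessToken, verifier);
        Map<String, Object> claims = objectMapper.readValue(jwt.getClaims(), new MapTypeReference());

        Object userClaim = claims.get("user");
        Object expClaim = claims.get("exp");
        if (userClaim == null || expClaim == null) {
            throw new InvalidTokenException("The specified JWT token is invalid");
        }

        long expiration;
        try {
            expiration = Long.parseLong(expClaim.toString());
        } catch (NumberFormatException e) {
            throw new InvalidTokenException("The specified JWT token is invalid", e);
        }

        // NOTE(review): toString() is re-parsed as JSON, so this presumably expects the
        // "user" claim to be a JSON document encoded as a string - confirm.
        Map<String, Object> userMap = objectMapper.readValue(userClaim.toString(), new MapTypeReference());
        // NOTE(review): a token without "email" ends up with a null user_id/user_name;
        // confirm the converter rejects that rather than yielding an anonymous principal.
        Object email = userMap.get("email");

        Map<String, Object> tokenMap = new HashMap<>();
        tokenMap.put("exp", expiration);
        tokenMap.put("user_id", email);
        tokenMap.put("user_name", email);
        // Every token that passes signature verification receives this fixed scope list;
        // scopes are not taken from the token's own claims.
        tokenMap.put("scope", Arrays.asList(
                "cloudbreak.networks.read",
                "periscope.cluster",
                "cloudbreak.usages.user",
                "cloudbreak.recipes",
                "openid",
                "cloudbreak.templates.read",
                "cloudbreak.usages.account",
                "cloudbreak.events",
                "cloudbreak.stacks.read",
                "cloudbreak.blueprints",
                "cloudbreak.networks",
                "cloudbreak.templates",
                "cloudbreak.credentials.read",
                "cloudbreak.securitygroups.read",
                "cloudbreak.securitygroups",
                "cloudbreak.stacks",
                "cloudbreak.credentials",
                "cloudbreak.recipes.read",
                "cloudbreak.blueprints.read"));

        // Expiry is enforced here, on the converted token, before any authentication is built.
        OAuth2AccessToken oAuth2AccessToken = jwtAccessTokenConverter.extractAccessToken(accessToken, tokenMap);
        if (oAuth2AccessToken.isExpired()) {
            throw new InvalidTokenException("The token has expired");
        }

        OAuth2Authentication oAuth2Authentication = jwtAccessTokenConverter.extractAuthentication(tokenMap);
        if (oAuth2Authentication != null) {
            LOGGER.info("JWT token verified for: {}", oAuth2Authentication.getPrincipal());
        }
        return oAuth2Authentication;
    } catch (IOException e) {
        LOGGER.error("Failed to parse the JWT token", e);
        throw new InvalidTokenException("The specified JWT token is invalid", e);
    }
}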