Examples with Claim com.auth0.android.jwt.Claim used on opensource projects

Search in sources :

Example 16 with Claim

use of com.auth0.android.jwt.Claim in project chemvantage by chuckwight.

the class LTIv1p3Launch method ltiv1p3LaunchRequest.

void ltiv1p3LaunchRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
    // StringBuffer debug = new StringBuffer();
    // ensures proper OIDC authorization flow completed
    JsonObject state = validateStateToken(request);
    // returns the validated Deployment
    Deployment d = validateIdToken(request);
    // Decode the JWT id_token payload as a JsonObject:
    JsonObject claims = null;
    try {
        DecodedJWT id_token = JWT.decode(request.getParameter("id_token"));
        String json = new String(Base64.getUrlDecoder().decode(id_token.getPayload()));
        claims = JsonParser.parseString(json).getAsJsonObject();
    } catch (Exception e) {
        throw new Exception("id_token was not a valid JWT.");
    }
    // verify that the redirect_uri are consistent with the state token:
    if (!state.get("redirect_uri").getAsString().contains("https://" + request.getServerName() + "/lti/launch"))
        throw new Exception("Invalid redirect_uri.");
    // required
    verifyLtiMessageClaims(claims);
    User user = getUserClaims(claims);
    switch(claims.get("https://purl.imsglobal.org/spec/lti/claim/message_type").getAsString()) {
        case "LtiResourceLinkRequest":
            launchResourceLink(request, response, d, user, claims);
            break;
        case "LtiSubmissionReviewRequest":
            launchSubmissionReview(response, claims, d, user);
            break;
    }
}
Also used : JsonObject(com.google.gson.JsonObject) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Example 17 with Claim

use of com.auth0.android.jwt.Claim in project java-jwt by auth0.

the class PayloadDeserializer method getDateFromSeconds.

Date getDateFromSeconds(Map<String, JsonNode> tree, String claimName) {
    JsonNode node = tree.get(claimName);
    if (node == null || node.isNull()) {
        return null;
    }
    if (!node.canConvertToLong()) {
        throw new JWTDecodeException(String.format("The claim '%s' contained a non-numeric date value.", claimName));
    }
    final long ms = node.asLong() * 1000;
    return new Date(ms);
}
Also used : JWTDecodeException(com.auth0.jwt.exceptions.JWTDecodeException) JsonNode(com.fasterxml.jackson.databind.JsonNode)

Example 18 with Claim

use of com.auth0.android.jwt.Claim in project supertokens-core by supertokens.

the class JWTCreateTest method testThatDecodedJWTUsesCustomIssuer.

/**
 * Test that final JWT uses custom iss claim instead of jwks domain
 */
@Test
public void testThatDecodedJWTUsesCustomIssuer() throws Exception {
    String[] args = { "../" };
    TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
    String algorithm = "RS256";
    JsonObject payload = new JsonObject();
    payload.addProperty("iss", "http://customiss");
    String jwksDomain = "http://localhost";
    long validity = 3600;
    String jwt = JWTSigningFunctions.createJWTToken(process.getProcess(), algorithm, payload, jwksDomain, validity);
    DecodedJWT decodedJWT = JWT.decode(jwt);
    String issuer = decodedJWT.getIssuer();
    if (!issuer.equals("http://customiss")) {
        throw new Exception("Decoded JWT does not contain 'iss' claim matching user defined value");
    }
    process.kill();
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
}
Also used : TestingProcessManager(io.supertokens.test.TestingProcessManager) JsonObject(com.google.gson.JsonObject) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) UnsupportedJWTSigningAlgorithmException(io.supertokens.jwt.exceptions.UnsupportedJWTSigningAlgorithmException) Test(org.junit.Test)

Example 19 with Claim

use of com.auth0.android.jwt.Claim in project supertokens-core by supertokens.

the class JWTCreateTest method testThatDecodedJWTHasAValidHeader.

/**
 * Verify that the JWT header has the required properties and that the values are valid
 */
@Test
public void testThatDecodedJWTHasAValidHeader() throws Exception {
    String[] args = { "../" };
    TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
    String algorithm = "RS256";
    JsonObject payload = new JsonObject();
    payload.addProperty("customClaim", "customValue");
    String jwksDomain = "http://localhost";
    long validity = 3600;
    String jwt = JWTSigningFunctions.createJWTToken(process.getProcess(), algorithm, payload, jwksDomain, validity);
    DecodedJWT decodedJWT = JWT.decode(jwt);
    Claim headerAlg = decodedJWT.getHeaderClaim("alg");
    Claim headerType = decodedJWT.getHeaderClaim("typ");
    Claim headerKeyId = decodedJWT.getHeaderClaim("kid");
    if (headerAlg.isNull() || headerType.isNull() || headerKeyId.isNull()) {
        throw new Exception("JWT header is missing one or more required claim (alg, typ, kid)");
    }
    if (!headerAlg.asString().equals(algorithm)) {
        throw new Exception("Algorithm in JWT header does not match algorithm passed to JWTSigningFunctions.createJWTToken");
    }
    if (!headerType.asString().equals("JWT")) {
        throw new Exception("JWT header contains wrong type: Expected: JWT, Actual: " + headerType.asString());
    }
    if (headerKeyId.asString().isEmpty()) {
        throw new Exception("Value for kid in JWT header is invalid");
    }
    process.kill();
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
}
Also used : TestingProcessManager(io.supertokens.test.TestingProcessManager) JsonObject(com.google.gson.JsonObject) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim) UnsupportedJWTSigningAlgorithmException(io.supertokens.jwt.exceptions.UnsupportedJWTSigningAlgorithmException) Test(org.junit.Test)

Example 20 with Claim

use of com.auth0.android.jwt.Claim in project supertokens-core by supertokens.

the class JWTSigningAPITest2_9 method testThatDecodedJWTHasCustomPayload.

/**
 * Test that the returned JWT payload contains provided custom payload properties
 */
@Test
public void testThatDecodedJWTHasCustomPayload() throws Exception {
    String[] args = { "../" };
    TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
    JsonObject requestBody = new JsonObject();
    requestBody.addProperty("algorithm", "rs256");
    requestBody.addProperty("jwksDomain", "http://localhost");
    JsonObject customPayload = new JsonObject();
    customPayload.addProperty("customClaim", "customValue");
    requestBody.add("payload", customPayload);
    requestBody.addProperty("validity", 3600);
    JsonObject response = HttpRequestForTesting.sendJsonPOSTRequest(process.getProcess(), "", "http://localhost:3567/recipe/jwt", requestBody, 1000, 1000, null, Utils.getCdiVersion2_9ForTests(), "jwt");
    String jwt = response.get("jwt").getAsString();
    DecodedJWT decodedJWT = JWT.decode(jwt);
    Claim customClaim = decodedJWT.getClaim("customClaim");
    assertTrue(!customClaim.isNull() && customClaim.asString().equals("customValue"));
    process.kill();
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
}
Also used : TestingProcessManager(io.supertokens.test.TestingProcessManager) JsonObject(com.google.gson.JsonObject) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim) Test(org.junit.Test)

Aggregations

Claim (com.auth0.jwt.interfaces.Claim)110 Test (org.junit.Test)67 DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)62 JsonNode (com.fasterxml.jackson.databind.JsonNode)42 Algorithm (com.auth0.jwt.algorithms.Algorithm)24 Date (java.util.Date)24 JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)21 RSAPublicKey (java.security.interfaces.RSAPublicKey)21 Test (org.junit.jupiter.api.Test)18 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)17 JWTVerifier (com.auth0.jwt.JWTVerifier)15 JwksTestKeySource (org.sdase.commons.server.auth.service.testsources.JwksTestKeySource)14 JsonObject (com.google.gson.JsonObject)10 HashMap (java.util.HashMap)9 UserPojo (com.auth0.jwt.UserPojo)8 IOException (java.io.IOException)8 Map (java.util.Map)8 TestingProcessManager (io.supertokens.test.TestingProcessManager)7 NullClaim (com.auth0.jwt.impl.NullClaim)5 JWT (com.auth0.jwt.JWT)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial