Example 51 with JWT

use of com.auth0.android.jwt.JWT in project seckill by yt-King.

the class JWTUtils method verify.

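/**
 * Verify whether the token is valid.
 * @param token the token to check
 * @param username the username that the token's "username" claim must match
 * @param password the user's password, used as the HMAC256 key
 * @return true if the token is valid
 */
public static boolean verify(String token, String username, String password) {
    // The user's password is used directly as the HMAC-SHA256 signing key.
    Algorithm algorithm = Algorithm.HMAC256(password);
    JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username).build();
    // verify() throws JWTVerificationException on a bad signature, an expired token
    // or a claim mismatch, so this method never returns false.
    DecodedJWT jwt = verifier.verify(token);
    return true;
}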
Also used : Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 52 with JWT

use of com.auth0.android.jwt.JWT in project seckill by yt-King.

the class JWTUtils method isExpire.

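/**
 * Check whether the token has expired.
 * @param token the token to inspect
 * @return true if the token's expiry time is in the past
 */
public static boolean isExpire(String token) {
    // JWT.decode() only parses the token; it does not verify the signature,
    // so the result is trustworthy only for a token that has already been verified.
    DecodedJWT jwt = JWT.decode(token);
    // getExpiresAt() returns null when the token carries no "exp" claim.
    return System.currentTimeMillis() > jwt.getExpiresAt().getTime();
}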
Also used : DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 53 with JWT

use of com.auth0.android.jwt.JWT in project Blockchain_LSImmo3.0_Backend by medsaad2000.

the class JWTAuthorizationFilter method doFilterInternal.

// This method runs first for every request sent by the user
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    response.addHeader("Access-Control-Allow-Origin", "*");
    response.addHeader("Access-Control-Allow-Headers", "Origin, Accept, X-Requested-With, Content-Type,  Access-Control-Request-Method, Access-Control-Request-Headers, authorization");
    response.addHeader("Access-Control-Expose-Headers", "Access-Control-Allow-Origin, Access-Control-Allow-Credentials, authorization");
    response.addHeader("Access-Control-Allow-Methods", "GET,POST,PUT,PATCH,DELETE,");
    if (request.getMethod().equals("OPTIONS")) {
        response.setStatus(HttpServletResponse.SC_OK);
    } else if (request.getRequestURI().equals("/login")) {
        filterChain.doFilter(request, response);
        return;
    } else { // ------ PUT, GET, POST ... requests ------
        String jwtToken = request.getHeader(SecurityParams.JWT_HEADER_NAME);
        if (jwtToken == null || !jwtToken.startsWith(SecurityParams.HEADER_PREFIX)) {
            filterChain.doFilter(request, response);
            return;
        }
        // ----- build a verifier for HMAC256-signed tokens -----
        JWTVerifier verifier = JWT.require(Algorithm.HMAC256(SecurityParams.SECRET)).build();
        // ---- remove prefix---------
        String jwt = jwtToken.substring(SecurityParams.HEADER_PREFIX.length());
        // ----- verify the signature and decode (throws JWTVerificationException on failure) -----
        DecodedJWT decodeJWT = verifier.verify(jwt);
        // ----- get username --------
        String username = decodeJWT.getSubject();
        // ------ get roles -------------
        List<String> roles = decodeJWT.getClaims().get("roles").asList(String.class);
        // ------ convert roles into grantedAuthorities -------
        Collection<GrantedAuthority> authorities = new ArrayList<>();
        roles.forEach(rn -> {
            authorities.add(new SimpleGrantedAuthority(rn));
        });
        // ---------- user authentication ----------
        UsernamePasswordAuthenticationToken user = new UsernamePasswordAuthenticationToken(username, null, authorities);
        SecurityContextHolder.getContext().setAuthentication(user);
        filterChain.doFilter(request, response);
    }
}
Also used : JWT(com.auth0.jwt.JWT) FilterChain(javax.servlet.FilterChain) ServletException(javax.servlet.ServletException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Collection(java.util.Collection) HttpServletResponse(javax.servlet.http.HttpServletResponse) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) OncePerRequestFilter(org.springframework.web.filter.OncePerRequestFilter) IOException(java.io.IOException) ArrayList(java.util.ArrayList) GrantedAuthority(org.springframework.security.core.GrantedAuthority) List(java.util.List) HttpServletRequest(javax.servlet.http.HttpServletRequest) JWTVerifier(com.auth0.jwt.JWTVerifier) Algorithm(com.auth0.jwt.algorithms.Algorithm) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder)

Example 54 with JWT

use of com.auth0.android.jwt.JWT in project jobs by damingerdai.

the class JwtTool method verifyToken.

public static boolean verifyToken(String token, String secret) {
    try {
        Algorithm algorithm = Algorithm.HMAC256(secret);
        var verifier = JWT.require(algorithm).build();
        var jwt = verifier.verify(token);
        return true;
    } catch (Exception ex) {
        ex.printStackTrace();
        return false;
    }
}
Also used : Algorithm(com.auth0.jwt.algorithms.Algorithm)

Example 55 with JWT

use of com.auth0.android.jwt.JWT in project GCAuth-OAuth by Xtao-Team.

the class VerifyHandler method handle.

public static void handle(Request req, Response res) {
    VerifyJson request = req.body(VerifyJson.class);
    LoginResultJson responseData = new LoginResultJson();
    DecodedJWT jwt = parse.deToken(request.access_token);
    Account account = null;
    if (jwt != null) {
        account = Authentication.getAccountByOneTimeToken(jwt.getClaim("token").asString());
    }
    // Login
    if (account == null) {
        Grasscutter.getLogger().info("[GCAuth] Client " + req.ip() + " failed to log in");
        responseData.retcode = -201;
        responseData.message = "Token is invalid";
        res.send(responseData);
        return;
    }
    // Account was found, log the player in
    responseData.message = "OK";
    responseData.data.account.uid = account.getId();
    responseData.data.account.token = account.generateSessionKey();
    responseData.data.account.email = account.getEmail();
    responseData.data.account.twitter_name = account.getUsername();
    Grasscutter.getLogger().info(String.format("[GCAuth] Client %s logged in as %s", req.ip(), responseData.data.account.uid));
    res.send(responseData);
}
Also used : LoginResultJson(emu.grasscutter.server.http.objects.LoginResultJson) Account(emu.grasscutter.game.Account) VerifyJson(com.xtaolabs.gcauth_oauth.json.VerifyJson) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)
