Examples with JWT - com.auth0.android.jwt.JWT

Example 91 with JWT

use of com.auth0.android.jwt.JWT in project cryptography by norkator.

the class JWT method createECDSA256Jwt.

/**
 * Create elliptic curve based JWT
 *
 * @param privatePem of EC keypair
 * @param issuer     party name
 * @return json web token
 * @throws JWTCreationException if jwt creation fails
 */
public static String createECDSA256Jwt(String privatePem, String issuer) throws InvalidKeySpecException, NoSuchAlgorithmException {
    ECKey privateKey = (ECKey) PEMToKey.getPemPrivateKey(privatePem, "ECDSA");
    Algorithm algorithm = Algorithm.ECDSA256(privateKey);
    return com.auth0.jwt.JWT.create().withIssuer(issuer).withClaim("test claim", "test claim value").sign(algorithm);
}

Also used : ECKey(java.security.interfaces.ECKey) Algorithm(com.auth0.jwt.algorithms.Algorithm)

Example 92 with JWT

use of com.auth0.android.jwt.JWT in project cryptography by norkator.

the class JWT method verifyECDSA256Jwt.

/**
 * Verify elliptic curve based JWT
 *
 * @param publicPem of key pair
 * @param issuer    party name
 * @param token     of created jwt
 * @return DecodedJWT including claims
 * @throws JWTVerificationException thrown if verification fails
 */
public static DecodedJWT verifyECDSA256Jwt(String publicPem, String issuer, final String token) throws JWTVerificationException, InvalidKeySpecException, NoSuchAlgorithmException {
    ECKey publicKey = (ECKey) PEMToKey.getPemPublicKey(publicPem, "ECDSA");
    Algorithm algorithm = Algorithm.ECDSA256(publicKey);
    JWTVerifier verifier = com.auth0.jwt.JWT.require(algorithm).withIssuer(issuer).build();
    return verifier.verify(token);
}

Also used : ECKey(java.security.interfaces.ECKey) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier)

Example 93 with JWT

use of com.auth0.android.jwt.JWT in project witsTalk by XinSin-top.

the class JWTTokenUtils method getToken.

/*
    * 创建token
    * */
public static String getToken(Map<String, String> map) {
    Calendar instance = Calendar.getInstance();
    // 默认两个小时过期
    instance.add(Calendar.HOUR, 2);
    // 创建jwt builder
    JWTCreator.Builder builder = JWT.create();
    // payload
    map.forEach((k, v) -> {
        builder.withClaim(k, v);
    });
    String token = // 指定令牌过期时间
    builder.withExpiresAt(instance.getTime()).sign(Algorithm.HMAC512(KEY));
    return token;
}

Also used : JWTCreator(com.auth0.jwt.JWTCreator) Calendar(java.util.Calendar)

Example 94 with JWT

use of com.auth0.android.jwt.JWT in project Minecraft-Server-WebStore by Ba1oretto.

the class JwtUtils method verity.

/**
 * 校验token
 * @return boolean
 */
public static boolean verity() {
    HttpServletRequest request = SpringContextUtils.getHttpServletRequest();
    // 从请求头部中获取token信息
    String token = request.getHeader(HEADER_KEY);
    if (StringUtils.isBlank(token)) {
        return false;
    }
    if (!token.startsWith(PREFIX)) {
        CommonUtils.throwRuntimeException(StatusEnum.WRONG_PREFIX);
    }
    token = token.replace(PREFIX, "");
    try {
        Algorithm algorithm = Algorithm.HMAC256(SECRET);
        JWTVerifier verifier = JWT.require(algorithm).build();
        DecodedJWT jwt = verifier.verify(token);
        if (null == jwt) {
            return false;
        }
        // 判断过期时间
        long time = (jwt.getExpiresAt().getTime() - System.currentTimeMillis());
        // 有效期只有不到60分钟，需要刷新token了
        if (REFRESH_TIME > time) {
            String newToken = createToken(jwt.getClaim(UUID).asString());
            // 将新的token放入响应请求头中
            SpringContextUtils.getHttpServletResponse().setHeader(HEADER_KEY, newToken);
        }
        return true;
    } catch (Exception e) {
        log.error("token verified error, {}", e.getMessage());
    }
    return false;
}

Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 95 with JWT

use of com.auth0.android.jwt.JWT in project iris-client by iris-connect.

the class CustomLogoutHandler method logout.

@Override
public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
    String header = httpServletRequest.getHeader(HttpHeaders.AUTHORIZATION);
    if (StringUtils.isEmpty(header) || !header.startsWith(BEARER_TOKEN_PREFIX)) {
        return;
    }
    var token = header.replace(BEARER_TOKEN_PREFIX, "");
    DecodedJWT jwt = jwtService.verify(token);
    jwtService.invalidateTokensOfUser(jwt.getSubject());
}

Also used : DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Aggregations

DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)305 Test (org.junit.Test)217 Algorithm (com.auth0.jwt.algorithms.Algorithm)110 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)82 JWTVerifier (com.auth0.jwt.JWTVerifier)79 IOException (java.io.IOException)60 JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)54 ECDSAAlgorithmTest (com.auth0.jwt.algorithms.ECDSAAlgorithmTest)53 Date (java.util.Date)50 Claim (com.auth0.jwt.interfaces.Claim)36 RSAPublicKey (java.security.interfaces.RSAPublicKey)34 ECPublicKey (java.security.interfaces.ECPublicKey)27 ECDSAKeyProvider (com.auth0.jwt.interfaces.ECDSAKeyProvider)26 HashMap (java.util.HashMap)25 JWTDecodeException (com.auth0.jwt.exceptions.JWTDecodeException)20 Instant (java.time.Instant)20 JsonObject (com.google.gson.JsonObject)19 ServletException (javax.servlet.ServletException)19 JWT (com.auth0.jwt.JWT)18 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)18