use of com.auth0.flickr2.domain.User in project Automated-Parking-Lot by ParkingLotDevOps.
the class CustomAuthenticationFilter method successfulAuthentication.
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authentication) throws IOException, ServletException {
User user = (User) authentication.getPrincipal();
// TODO : de adaugat cheia intr-un fisier de configurare
Algorithm algorithm = Algorithm.HMAC256("secret".getBytes());
String access_token = JWT.create().withSubject(request.getParameter("email")).withExpiresAt(new Date(System.currentTimeMillis() + 30 * 10 * 1000)).withIssuer(request.getRequestURL().toString()).withClaim("roles", user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList())).sign(algorithm);
String refresh_token = JWT.create().withSubject(request.getParameter("email")).withExpiresAt(new Date(System.currentTimeMillis() + 24 * 60 * 60 * 1000)).withIssuer(request.getRequestURL().toString()).withClaim("roles", user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList())).sign(algorithm);
Map<String, String> tokens = new HashMap<>();
tokens.put("access_token", access_token);
tokens.put("refresh_token", refresh_token);
response.setContentType("application/json");
new ObjectMapper().writeValue(response.getOutputStream(), tokens);
}
use of com.auth0.flickr2.domain.User in project tanafaso-backend by tanafaso.
the class ApiAuthenticationController method validateAppleAuthCode.
private boolean validateAppleAuthCode(AppleAuthenticationRequest request) {
Map<String, Object> appleApiRequestHeader = new HashMap<>();
appleApiRequestHeader.put("alg", "ES256");
appleApiRequestHeader.put("kid", appleSignInKeyId);
appleApiRequestHeader.put("typ", "JWT");
InputStreamReader appleAuthPrivateKeyInputStreamReader;
try {
appleAuthPrivateKeyInputStreamReader = new InputStreamReader(new ClassPathResource(appleAuthPrivateKeyFile).getInputStream());
} catch (IOException e) {
logger.error("Couldn't read the apple authorization private key file.", e);
return false;
}
ECPrivateKey privateKey;
try {
PemObject pemObject;
pemObject = new PemReader(appleAuthPrivateKeyInputStreamReader).readPemObject();
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(pemObject.getContent());
KeyFactory factory;
factory = KeyFactory.getInstance("EC");
privateKey = (ECPrivateKey) factory.generatePrivate(spec);
} catch (Exception e) {
logger.error("Could not convert Apple private key into an EC key.", e);
return false;
}
String signedJwt = JWT.create().withHeader(appleApiRequestHeader).withIssuer(appleTeamId).withIssuedAt(new Date(System.currentTimeMillis())).withExpiresAt(new Date(System.currentTimeMillis() + TimeUnit.MINUTES.toMillis(10))).withAudience("https://appleid.apple.com").withSubject("com.tanafaso.azkar").sign(Algorithm.ECDSA256(privateKey));
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> map = new LinkedMultiValueMap<String, String>();
map.add("client_id", "com.tanafaso.azkar");
map.add("client_secret", signedJwt);
map.add("code", request.getAuthCode());
map.add("grant_type", "authorization_code");
HttpEntity<MultiValueMap<String, String>> appleApiRequestHttpEntity = new HttpEntity<>(map, headers);
logger.info("Sending to Apple auth code verification API.");
ResponseEntity<AppleIdToken> appleIdToken = restTemplate.postForEntity("https://appleid.apple.com/auth/token", appleApiRequestHttpEntity, AppleIdToken.class);
if (appleIdToken.getStatusCode() == HttpStatus.OK) {
DecodedJWT decodedJwt = JWT.decode(appleIdToken.getBody().getIdToken());
boolean emailIsVerified = decodedJwt.getClaim("email_verified").asString().equals("true");
String potentiallyVerifiedEmail = decodedJwt.getClaim("email").asString().toLowerCase();
if (emailIsVerified && potentiallyVerifiedEmail.equals(request.getEmail())) {
return true;
}
logger.info("Failed to verify user signing in with apple: email={}, firstName={}, " + "lastName={}, emailIsVerified={}, appleApiReturnedEmail={}", request.getEmail(), request.getFirstName(), request.getLastName(), emailIsVerified, potentiallyVerifiedEmail);
return false;
}
logger.info("Failed to verify user signing in with apple as apple API returned status code: " + "{} for email={}, firstName={}, lastName={}", appleIdToken.getStatusCode().toString(), request.getEmail(), request.getFirstName(), request.getLastName());
return false;
}
use of com.auth0.flickr2.domain.User in project UPE_2021_2_Propague by netrometro.
the class AuthenticationCustomFilter method successfulAuthentication.
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication autenticacao) throws IOException, ServletException {
User user = (User) autenticacao.getPrincipal();
Algorithm algoritmo = Algorithm.HMAC256("secret".getBytes());
String tokenAcesso = JWT.create().withSubject(user.getUsername()).withExpiresAt(new Date(System.currentTimeMillis() + 10 * 60 * 1000)).withIssuer(request.getRequestURL().toString()).withClaim("tipos", user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList())).sign(algoritmo);
String tokenRefresh = JWT.create().withSubject(user.getUsername()).withExpiresAt(new Date(System.currentTimeMillis() + 30 * 60 * 1000)).withIssuer(request.getRequestURL().toString()).sign(algoritmo);
Map<String, String> tokens = new HashMap<>();
tokens.put("token_acesso", tokenAcesso);
tokens.put("token_refresh", tokenRefresh);
tokens.put("email_usuario", user.getUsername());
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
new ObjectMapper().writeValue(response.getOutputStream(), tokens);
}
use of com.auth0.flickr2.domain.User in project iris-client by iris-connect.
the class JWTAuthorizationFilter method authenticate.
/**
* This method is called if the user supplied a jwt token.
*
* @param token JSON Web Token
* @return
*/
private UserAccountAuthentication authenticate(String token) {
DecodedJWT jwt = jwtVerifier.verify(token);
var userName = jwt.getSubject();
var userAccount = userService.findByUsername(userName);
if (userAccount.isPresent() && jwtVerifier.isTokenWhitelisted(token)) {
var authority = new SimpleGrantedAuthority(jwt.getClaim(JWT_CLAIM_USER_ROLE).asString());
return new UserAccountAuthentication(userAccount.get(), true, List.of(authority));
}
return null;
}
use of com.auth0.flickr2.domain.User in project openware by open-inc.
the class UserService method jwtToUser.
public User jwtToUser(String token) {
if (jwtVerifier == null)
return null;
try {
DecodedJWT userJWT = jwtVerifier.verify(token);
Claim userid = userJWT.getClaim("uid");
if (!userid.isNull())
return getUserByUID(userid.asString());
Claim username = userJWT.getClaim("username");
if (!username.isNull())
return getUserByUsername(username.asString());
Claim usermail = userJWT.getClaim("usermail");
if (!usermail.isNull())
return getActiveUsers().stream().filter(new Predicate<User>() {
@Override
public boolean test(User t) {
return t.getEmail().toLowerCase().equals(usermail.asString().toLowerCase());
}
}).findFirst().get();
return null;
} catch (JWTVerificationException e) {
return null;
}
}
Aggregations