use of com.auth0.json.mgmt.Token in project biosamples-v4 by EBIBioSamples.
the class AapClientService method getJwt.
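/**
 * Returns a JWT for the configured account, requesting a new one from {@code aapUri} when no
 * token is cached or the cached token's expiry has passed.
 *
 * <p>The request uses HTTP Basic authentication built from {@code username} and
 * {@code password}. The returned token is only decoded to read its expiry; its signature is
 * not verified here. A token without an expiry claim is cached and never refreshed, because
 * the refresh condition only fires when an expiry is known.
 *
 * @return the cached or newly fetched JWT, or {@code null} when username or password is unset
 *     or blank
 * @throws RuntimeException if the response has no body or the body cannot be decoded as a JWT
 */
public synchronized String getJwt() {
    if (username == null || username.trim().isEmpty() || password == null || password.trim().isEmpty()) {
        return null;
    }
    // TODO refresh token when less than 5 minutes left, rather than when expired
    if (!jwt.isPresent() || (expiry.isPresent() && expiry.get().before(new Date()))) {
        String auth = username + ":" + password;
        // US-ASCII encoding replaces any non-ASCII character in the credentials with '?'.
        String authHeader = "Basic " + Base64.getEncoder().encodeToString(auth.getBytes(Charset.forName("US-ASCII")));
        RequestEntity<?> request = RequestEntity.get(aapUri).header(HttpHeaders.AUTHORIZATION, authHeader).build();
        ResponseEntity<String> response = restOperations.exchange(request, String.class);
        String body = response.getBody();
        if (body == null) {
            throw new RuntimeException("Token endpoint returned an empty body instead of a JWT");
        }
        DecodedJWT decodedJwt;
        try {
            decodedJwt = JWT.decode(body);
        } catch (JWTDecodeException e) {
            // Invalid token: leave the cached state untouched so a later call retries the fetch
            // instead of handing out a value that is not a JWT.
            throw new RuntimeException(e);
        }
        jwt = Optional.of(body);
        // The expiry claim is optional in a JWT; ofNullable avoids an NPE when it is missing.
        expiry = Optional.ofNullable(decodedJwt.getExpiresAt());
        // The token is a bearer credential, so only its expiry is logged, never the token itself.
        log.info("Obtained new JWT, expiry = " + expiry);
    }
    return jwt.get();
}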
use of com.auth0.json.mgmt.Token in project restheart by SoftInstigate.
the class JwtAuthenticationMechanism method authenticate.
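/**
 * Authenticates a request from the JWT returned by {@code getToken(hse)}.
 *
 * <p>The token is optionally base64url-decoded, verified with {@code jwtVerifier}, and the
 * username is read from {@code usernameClaim}. Roles come from {@code rolesClaim} when it is
 * configured, otherwise from {@code fixedRoles}. When {@code extraJwtVerifier} is set it is
 * invoked on the verified token before the account is created.
 *
 * @param hse the exchange carrying the request
 * @param sc the security context that receives the authentication result
 * @return {@code AUTHENTICATED} when the token verifies and carries a username,
 *     {@code NOT_AUTHENTICATED} when a token is present but is rejected, and
 *     {@code NOT_ATTEMPTED} when the request carries no token
 */
@Override
public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange hse, SecurityContext sc) {
    try {
        String token = getToken(hse);
        if (token != null) {
            if (base64Encoded) {
                try {
                    token = StringUtils.newStringUtf8(Base64.getUrlDecoder().decode(token));
                } catch (IllegalArgumentException ex) {
                    // The token is client-supplied; input that is not valid base64url must be
                    // rejected as a failed authentication rather than escape as an unhandled
                    // exception.
                    LOGGER.debug("Jwt is not valid base64url: {}", ex.getMessage());
                    return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
                }
            }
            DecodedJWT verifiedJwt = jwtVerifier.verify(token);
            String subject = verifiedJwt.getClaim(usernameClaim).asString();
            if (subject == null) {
                LOGGER.debug("username not specified with claim {}", usernameClaim);
                sc.authenticationFailed("JwtAuthenticationManager", "username not specified");
                return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            }
            Set<String> actualRoles = new LinkedHashSet<>();
            if (rolesClaim != null) {
                Claim _roles = verifiedJwt.getClaim(rolesClaim);
                if (_roles != null && !_roles.isNull()) {
                    try {
                        String[] __roles = _roles.asArray(String.class);
                        if (__roles != null) {
                            for (String role : __roles) {
                                actualRoles.add(role);
                            }
                        } else {
                            LOGGER.debug("roles is not an array: {}", _roles.asString());
                            return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
                        }
                    } catch (JWTDecodeException ex) {
                        // The request continues with an empty role set in this case.
                        LOGGER.warn("Jwt cannot get roles from claim {}, " + "extepected an array of strings: {}", rolesClaim, _roles.toString());
                    }
                }
            } else if (this.fixedRoles != null) {
                actualRoles.addAll(this.fixedRoles);
            }
            if (this.extraJwtVerifier != null) {
                // A JWTVerificationException thrown here is handled by the outer catch.
                this.extraJwtVerifier.accept(verifiedJwt);
            }
            // The payload was produced by a successful verify(), so this decode operates on
            // well-formed base64url.
            var jwtPayload = new String(Base64.getUrlDecoder().decode(verifiedJwt.getPayload()), Charset.forName("UTF-8"));
            JwtAccount account = new JwtAccount(subject, actualRoles, jwtPayload);
            sc.authenticationComplete(account, "JwtAuthenticationManager", false);
            Request.of(hse).addXForwardedHeader("Jwt-Payload", jwtPayload);
            return AuthenticationMechanismOutcome.AUTHENTICATED;
        }
    } catch (JWTVerificationException ex) {
        LOGGER.debug("Jwt not verified: {}", ex.getMessage());
        return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
    }
    return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}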
use of com.auth0.json.mgmt.Token in project conquery by bakdata.
the class ConqueryTokenRealm method doGetAuthenticationInfo.
/**
 * Verifies a JWT credential and resolves it to a user.
 *
 * <p>Tokens whose class is not assignable to {@code TOKEN_CLASS} are not handled and yield
 * {@code null}. Otherwise the credential is verified with the verifier supplied by
 * {@code jwtConfig}, and the token subject is parsed into a {@code UserId} that is looked up
 * in {@code storage}.
 *
 * @param token the submitted authentication token
 * @return the authentication info for the user named by the token subject, or {@code null}
 *     when the token type is not handled here
 * @throws ExpiredCredentialsException if the token has expired
 * @throws IncorrectCredentialsException if the signature or a claim fails verification
 * @throws AuthenticationException if verification fails for any other reason
 */
@Override
public ConqueryAuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    final Class<?> offeredType = token.getClass();
    if (!TOKEN_CLASS.isAssignableFrom(offeredType)) {
        log.trace("Incompatible token. Expected {}, got {}", TOKEN_CLASS, offeredType);
        return null;
    }
    log.trace("Token has expected format: {}\tWas: {} ", TOKEN_CLASS, offeredType);

    // Every catch branch throws, so the variable is always assigned past the try statement.
    final DecodedJWT verified;
    try {
        verified = jwtConfig.getTokenVerifier(this).verify((String) token.getCredentials());
    } catch (TokenExpiredException expired) {
        log.trace("The provided token is expired.");
        throw new ExpiredCredentialsException(expired);
    } catch (SignatureVerificationException | InvalidClaimException rejected) {
        log.trace("The provided token was not successfully verified against its signature or claims.");
        throw new IncorrectCredentialsException(rejected);
    } catch (JWTVerificationException unverified) {
        log.trace("The provided token could not be verified.", unverified);
        throw new AuthenticationException(unverified);
    } catch (Exception other) {
        // Anything else, such as a credential that is not a String, is also an authentication failure.
        log.trace("Unable to decode token", other);
        throw new AuthenticationException(other);
    }
    log.trace("Received valid token.");

    final UserId id = UserId.Parser.INSTANCE.parse(verified.getSubject());
    final User resolved = getUserOrThrowUnknownAccount(storage, id);
    return new ConqueryAuthenticationInfo(resolved, token, this, true);
}
use of com.auth0.json.mgmt.Token in project teamapps by teamapps-org.
the class MediaSoupV3TokenGenerator method generateJwtToken.
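/**
 * Creates an HMAC-SHA512 signed JWT carrying the given operation and stream.
 *
 * <p>The {@code operation} claim holds the enum's ordinal, so reordering the constants of
 * {@code MediaSoupV3ApiOperation} changes the meaning of tokens. When
 * {@code tokenValidityDuration} is {@code null} no expiry is set and the token stays valid
 * for as long as the secret is in use.
 *
 * @param secret the shared HMAC secret; when {@code null} no token is created
 * @param operation the operation to authorize, or {@code null} to omit the claim
 * @param streamUuid the stream the token applies to, or {@code null} to omit the claim
 * @param tokenValidityDuration how long the token is valid from now, or {@code null} for no expiry
 * @return the signed token, or an empty string when {@code secret} is {@code null}
 * @throws RuntimeException if the token cannot be created
 */
public static String generateJwtToken(String secret, MediaSoupV3ApiOperation operation, String streamUuid, Duration tokenValidityDuration) {
    if (secret == null) {
        // Callers receive an empty string, not a token, when no secret is configured.
        return "";
    }
    try {
        Algorithm algorithm = Algorithm.HMAC512(secret);
        JWTCreator.Builder builder = JWT.create();
        if (operation != null) {
            builder = builder.withClaim("operation", operation.ordinal());
        }
        if (streamUuid != null) {
            builder = builder.withClaim("stream", streamUuid);
        }
        if (tokenValidityDuration != null) {
            builder = builder.withExpiresAt(new Date(Instant.now().plus(tokenValidityDuration).toEpochMilli()));
        }
        return builder.sign(algorithm);
    } catch (JWTCreationException exception) {
        // Keep the cause so the reason for the signing failure is not lost.
        throw new RuntimeException("Could not create auth token - this should never happen!", exception);
    }
}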
use of com.auth0.json.mgmt.Token in project drug-formulary-ri by HL7-DaVinci.
the class IntrospectionEndpoint method handleIntrospection.
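/**
 * Builds a token introspection response for the given token.
 *
 * <p>The token is verified with RS256 against the server's public key and must name the FHIR
 * base URL as both issuer and audience. A token that fails verification produces only
 * {@code {"active": false}}, so no detail about the failure is disclosed.
 *
 * <p>NOTE(review): nothing in this method authenticates the caller. Confirm that the
 * controller invoking it restricts who may introspect tokens.
 *
 * @param token the serialized JWT to inspect
 * @return a 200 response whose body is the JSON introspection result
 */
public static ResponseEntity<String> handleIntrospection(String token) {
    JSONObject response = new JSONObject();
    String baseUrl = AuthUtils.getFhirBaseUrl();
    try {
        // Verification-only use: the private key argument is null.
        Algorithm algorithm = Algorithm.RSA256(OauthEndpointController.getPublicKey(), null);
        JWTVerifier verifier = JWT.require(algorithm).withIssuer(baseUrl).withAudience(baseUrl).build();
        DecodedJWT jwt = verifier.verify(token);
        response.put("active", true);
        response.put("aud", jwt.getAudience().get(0));
        response.put("iss", jwt.getIssuer());
        // The verifier built above does not require exp or iat to be present, so a validly
        // signed token without them must not cause a NullPointerException here. The fields
        // are omitted when absent.
        if (jwt.getExpiresAt() != null) {
            // Display in sec not ms
            response.put("exp", jwt.getExpiresAt().getTime() / 1000);
        }
        if (jwt.getIssuedAt() != null) {
            // Display in sec not ms
            response.put("iat", jwt.getIssuedAt().getTime() / 1000);
        }
        response.put("patient_id", jwt.getClaim("patient_id").asString());
    } catch (JWTVerificationException exception) {
        response.put("active", false);
    }
    return new ResponseEntity<>(response.toString(), HttpStatus.OK);
}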