use of com.auth0.json.mgmt.Token in project drug-formulary-ri by HL7-DaVinci.
the class PatientAuthorizationInterceptor method verify.
/**
 * Verifies the signature and standard claims of an access token and extracts
 * the patient it was issued for.
 *
 * The token is accepted only if it is RS256-signed by this server's key and
 * both its {@code iss} and {@code aud} claims equal {@code fhirBaseUrl}; the
 * verifier also rejects a token whose {@code exp} has passed.
 *
 * @param token the compact-serialized access token (JWT)
 * @param fhirBaseUrl the base URL of this FHIR server, expected as both issuer and audience
 * @return a {@code Patient/<id>} reference built from the {@code patient_id}
 *         claim, or {@code null} when the verified token carries no such claim
 * @throws SignatureVerificationException if the signature does not match the server's public key
 * @throws TokenExpiredException if the token's {@code exp} claim lies in the past
 * @throws JWTVerificationException for any other verification failure (e.g. wrong iss/aud)
 */
private IIdType verify(String token, String fhirBaseUrl) throws SignatureVerificationException, TokenExpiredException, JWTVerificationException {
    // Verification only: the private key is not needed, hence null.
    Algorithm rs256 = Algorithm.RSA256(OauthEndpointController.getPublicKey(), null);
    logger.fine("Verifying JWT token iss and aud is " + fhirBaseUrl);
    JWTVerifier jwtVerifier = JWT.require(rs256)
            .withIssuer(fhirBaseUrl)
            .withAudience(fhirBaseUrl)
            .build();
    DecodedJWT decoded = jwtVerifier.verify(token);
    String patientId = decoded.getClaim("patient_id").asString();
    return patientId == null ? null : new IdType("Patient", patientId);
}
use of com.auth0.json.mgmt.Token in project drug-formulary-ri by HL7-DaVinci.
the class AuthUtils method authCodeIsValid.
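/**
 * Verifies the authorization code presented to the /token endpoint and
 * resolves it to the patient it was issued for.
 *
 * The code is a JWT signed by this server. It is accepted only if the
 * signature verifies against the server's public key, {@code iss} and
 * {@code aud} equal {@code baseUrl}, and the embedded redirect URI and
 * client ID claims equal the values the client is presenting now. Binding
 * the code to the client and redirect URI it was issued for is what stops a
 * code leaked via one client from being redeemed by another.
 *
 * NOTE(review): nothing in this method records that a code has been
 * consumed, so a valid code can be redeemed repeatedly until it expires.
 * Confirm that the /token endpoint (or the code's lifetime) enforces the
 * single-use requirement of RFC 6749 section 4.1.2.
 *
 * @param code        the authorization code (JWT) from the request body
 * @param baseUrl     this server's base URL, expected as issuer and audience
 * @param redirectURI the redirect URI the client supplied in the POST request
 * @param clientId    the client ID taken from the request's Authorization header
 * @return the patient ID of the user the code was issued to, or {@code null}
 *         if the code fails verification, the binding values are missing, or
 *         the code does not map to a known user
 */
public static String authCodeIsValid(String code, String baseUrl, String redirectURI, String clientId) {
    // The client-binding values must be present. Depending on the java-jwt
    // version, withClaim(name, null) may drop the requirement instead of
    // failing, which would silently turn the binding check off.
    if (redirectURI == null || clientId == null) {
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: missing redirect URI or client ID");
        return null;
    }
    try {
        // Verification only: the private key is not needed, hence null.
        Algorithm algorithm = Algorithm.RSA256(OauthEndpointController.getPublicKey(), null);
        JWTVerifier verifier = JWT.require(algorithm)
                .withIssuer(baseUrl)
                .withAudience(baseUrl)
                .withClaim(REDIRECT_URI_KEY, redirectURI)
                .withClaim(CLIENT_ID_KEY, clientId)
                .build();
        DecodedJWT jwt = verifier.verify(code);
        String username = jwt.getClaim("username").asString();
        if (username == null) {
            // A verified code without a username claim cannot be mapped to a patient;
            // fail closed instead of handing a null username to the user lookup.
            logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: missing username claim");
            return null;
        }
        User user = User.getUser(username);
        return user != null ? user.getPatientId() : null;
    } catch (SignatureVerificationException | InvalidClaimException e) {
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: Signature invalid or claim value invalid", e);
    } catch (AlgorithmMismatchException e) {
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: Algorithm mismatch", e);
    } catch (TokenExpiredException e) {
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: Token expired", e);
    } catch (JWTVerificationException e) {
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: Please obtain a new code", e);
    }
    return null;
}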
use of com.auth0.json.mgmt.Token in project apigee-config-maven-plugin by apigee.
the class RestUtil method isValidBearerToken.
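/**
 * Checks whether a cached bearer token is still usable for this profile.
 *
 * This is a client-side freshness check, not authentication: the token is
 * only decoded, never signature-verified (the server it is sent to does
 * that). The token is treated as valid when its {@code client_id} claim
 * equals {@code clientId}, its {@code email} claim matches the profile's
 * credential user case-insensitively, its issuer appears in the profile's
 * token URL, and it expires at least 30 seconds from now.
 *
 * NOTE(review): the issuer check is a substring match on the token URL; an
 * exact comparison against the expected issuer would be stricter. Left as-is
 * because the expected issuer format is not visible here.
 *
 * @param accessToken the compact-serialized JWT bearer token
 * @param profile     the server profile whose token URL and user the token must match
 * @param clientId    the client ID the token must have been issued to
 * @return {@code true} if every check above passes; {@code false} otherwise,
 *         including when the token lacks {@code exp} or {@code iss}
 * @throws IOException if the string is not a decodable JWT
 */
private boolean isValidBearerToken(String accessToken, ServerProfile profile, String clientId) throws IOException {
    JWT jwt;
    try {
        jwt = JWT.decode(accessToken);
    } catch (JWTDecodeException exception) {
        // Keep the cause so the reason the token was unparseable is not lost.
        throw new IOException(exception.getMessage(), exception);
    }
    // A token without exp or iss cannot be shown to be fresh or ours; the
    // original dereferenced both unconditionally and would throw NPE instead
    // of reporting the token as invalid.
    if (jwt.getExpiresAt() == null || jwt.getIssuer() == null) {
        return false;
    }
    String jwtClientId = jwt.getClaim("client_id").asString();
    String jwtEmailId = jwt.getClaim("email").asString();
    String tokenUrl = profile.getTokenUrl();
    long jwtExpiresAt = jwt.getExpiresAt().getTime() / 1000;
    // Anything within 30s of expiry is treated as expired so a request does
    // not race the clock.
    long secondsUntilExpiry = jwtExpiresAt - (System.currentTimeMillis() / 1000);
    return jwtClientId != null && jwtClientId.equals(clientId)
            && jwtEmailId != null && jwtEmailId.equalsIgnoreCase(profile.getCredential_user())
            && tokenUrl != null && tokenUrl.contains(jwt.getIssuer())
            && secondsUntilExpiry >= 30;
}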
use of com.auth0.json.mgmt.Token in project waltz by finos.
the class DisallowAnonymousFilter method handle.
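/**
 * Rejects requests that carry no {@code Authorization} header and, for those
 * that do, verifies the bearer JWT and records its subject as the request user.
 *
 * Verification failures (bad signature, expired token, wrong claims) surface
 * as the verifier's {@code JWTVerificationException} and propagate out of
 * this filter unchanged; the application's exception mapping decides the
 * response for those.
 *
 * @param request  the incoming request; its Authorization header is consulted
 * @param response the response (not written here; halt() produces the rejection)
 * @throws Exception if token verification fails
 */
@Override
public void handle(Request request, Response response) throws Exception {
    String authorizationHeader = request.headers("Authorization");
    if (authorizationHeader == null) {
        // In Spark, halt(body) without a status defaults to 200. An
        // unauthenticated request must be a 401 so clients (and any proxy or
        // monitoring in front) do not read the rejection as success.
        halt(401, "Anonymous not allowed");
    } else {
        // Strip the scheme prefix when present. Auth schemes are
        // case-insensitive per RFC 7235, so "bearer " is accepted as well; a
        // value without the prefix is passed to the verifier as-is.
        String scheme = "Bearer ";
        String token = authorizationHeader.regionMatches(true, 0, scheme, 0, scheme.length())
                ? authorizationHeader.substring(scheme.length())
                : authorizationHeader;
        DecodedJWT decodedJWT = verifier.verify(token);
        AuthenticationUtilities.setUser(request, decodedJWT.getSubject());
    }
}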
use of com.auth0.json.mgmt.Token in project goobi-workflow by intranda.
the class JwtHelper method verifyTokenWithRotationTime.
/**
 * Verifies a Goobi-issued HS256 token whose signing key depends on the key
 * rotation generation it was created under.
 *
 * The expected HMAC key is the shared secret concatenated with
 * {@code lastRotationTime}, so a token signed under a different rotation
 * generation fails signature verification. The {@code iss} claim must be
 * {@code "Goobi"}.
 *
 * @param token            the compact-serialized JWT
 * @param secret           the shared HMAC secret
 * @param lastRotationTime the rotation timestamp in effect when the token was issued
 * @return the verified, decoded token
 * @throws JWTVerificationException if the signature or issuer check (or any other
 *         check the verifier applies, such as expiry) fails
 */
private static DecodedJWT verifyTokenWithRotationTime(String token, String secret, long lastRotationTime) {
    String rotatedSecret = secret + lastRotationTime;
    JWTVerifier goobiVerifier = JWT.require(Algorithm.HMAC256(rotatedSecret))
            .withIssuer("Goobi")
            .build();
    return goobiVerifier.verify(token);
}