
Example 71 with Token

use of com.auth0.json.mgmt.Token in project goobi-workflow by intranda.

the class JwtHelper method createToken.

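/**
 * Creates a signed JWT with issuer "Goobi" that carries every entry of the map as a string claim.
 *
 * @param map claims to put into the token; must not be null or empty
 * @param expiryDate expiry time of the token
 * @return the signed, serialized token
 * @throws ConfigurationException if no JWT secret is configured or the map is null or empty
 */
public static String createToken(Map<String, String> map, Date expiryDate) throws ConfigurationException {
    String secret = ConfigurationHelper.getInstance().getJwtSecret();
    if (secret == null) {
        throw new ConfigurationException("Could not get JWT secret from configuration. Please configure the key 'jwtSecret' in the file goobi_config.properties");
    }
    if (map == null || map.isEmpty()) {
        throw new ConfigurationException("Could not generate token from an empty map.");
    }
    Algorithm algorithm = createSigningAlgorithm(secret);
    Builder tokenBuilder = JWT.create().withIssuer("Goobi");
    for (Map.Entry<String, String> entry : map.entrySet()) {
        tokenBuilder = tokenBuilder.withClaim(entry.getKey(), entry.getValue());
    }
    return tokenBuilder.withExpiresAt(expiryDate).sign(algorithm);
}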
Also used : ConfigurationException(javax.naming.ConfigurationException) Builder(com.auth0.jwt.JWTCreator.Builder) Algorithm(com.auth0.jwt.algorithms.Algorithm)

Example 72 with Token

use of com.auth0.json.mgmt.Token in project goobi-workflow by intranda.

the class JwtHelper method createSigningAlgorithm.

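/**
 * Creates the HMAC-SHA256 signing algorithm with a rotated key. Rotation is done by appending a timestamp
 * (the start of the current rotation window) to the secret.
 *
 * @param secret the configured JWT secret
 * @return the signing algorithm keyed with the secret and the current rotation timestamp
 */
private static Algorithm createSigningAlgorithm(String secret) {
    long currentTime = System.currentTimeMillis();
    // Round down to the start of the current rotation window; a token only verifies
    // against a key derived for the same window in which it was signed
    long rotationTime = (currentTime / rotationDuration) * rotationDuration;
    return Algorithm.HMAC256(secret + rotationTime);
}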
Also used : Algorithm(com.auth0.jwt.algorithms.Algorithm)

Example 73 with Token

use of com.auth0.json.mgmt.Token in project goobi-workflow by intranda.

the class AuthorizationFilter method checkJwt.

/**
 * Verifies the JSON web token and checks if the "api_path" and "api_methods" claims match the actual request
 *
 * @param jwt
 * @param path the endpoint path the request tries to use
 * @param method the HTTP method used in the request
 * @return true, if the JWT authorizes the usage of the API path and method. Else: false
 */
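public static boolean checkJwt(String jwt, String path, String method) {
    if (StringUtils.isBlank(jwt)) {
        return false;
    }
    try {
        // Signature and expiry are verified before any claim is read
        DecodedJWT decodedJWT = JwtHelper.verifyTokenAndReturnClaims(jwt);
        Claim pathClaim = decodedJWT.getClaim("api_path");
        if (pathClaim == null || pathClaim.isNull()) {
            return false;
        }
        // asString() returns null when the claim is not a string; reject instead of passing null to Pattern.matches
        String pathPattern = pathClaim.asString();
        if (pathPattern == null || !Pattern.matches(pathPattern, path)) {
            return false;
        }
        Claim methodsClaim = decodedJWT.getClaim("api_methods");
        if (methodsClaim == null || methodsClaim.isNull()) {
            return false;
        }
        // asArray() returns null when the claim is missing or not an array; reject instead of streaming null
        String[] claimMethods = methodsClaim.asArray(String.class);
        if (claimMethods == null) {
            return false;
        }
        return Arrays.stream(claimMethods).anyMatch(claimMethod -> method.equalsIgnoreCase(claimMethod));
    } catch (javax.naming.ConfigurationException | JWTVerificationException e) {
        // Fail closed: any configuration or verification error denies the request
        log.error(e);
        return false;
    }
}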
Also used : JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim)

Example 74 with Token

use of com.auth0.json.mgmt.Token in project spring-learning by moon-zhou.

the class JWTUtils method getToken.

/**
 * Generate the token
 */
public static String getToken(Map<String, String> map) {
    JWTCreator.Builder builder = JWT.create();
    // payload
    map.forEach((k, v) -> {
        builder.withClaim(k, v);
    });
    Calendar instance = Calendar.getInstance();
    // Expires after 7 days by default
    instance.add(Calendar.DATE, 7);
    // Set the token's expiry time
    builder.withExpiresAt(instance.getTime());
    // Sign
    String token = builder.sign(Algorithm.HMAC256(SECRET));
    return token;
}
Also used : JWTCreator(com.auth0.jwt.JWTCreator) Calendar(java.util.Calendar)

Example 75 with Token

use of com.auth0.json.mgmt.Token in project spring-learning by moon-zhou.

the class JWTTest method testJWTVerify.

/**
 * Verify the token generated by JWT
 *
 * For ease of testing, class variables are defined, so the whole test case can be run directly
 */
@Test
public void testJWTVerify() {
    final JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(SIGN)).build();
    final DecodedJWT decodedJWT = jwtVerifier.verify(token);
    int decodeUserId = decodedJWT.getClaim(USER_ID).asInt();
    String decodeUserName = decodedJWT.getClaim(USER_NAME).asString();
    System.out.println("用户Id:" + decodeUserId);
    System.out.println("用户名:" + decodeUserName);
    System.out.println("过期时间:" + decodedJWT.getExpiresAt());
    Assertions.assertEquals(userId, decodeUserId);
    Assertions.assertEquals(userName, decodeUserName);
}
Also used : JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Test(org.junit.jupiter.api.Test)

Aggregations

DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT) 276
Algorithm (com.auth0.jwt.algorithms.Algorithm) 147
Test (org.junit.Test) 120
JWTVerifier (com.auth0.jwt.JWTVerifier) 97
Date (java.util.Date) 78
JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException) 62
IOException (java.io.IOException) 59
Claim (com.auth0.jwt.interfaces.Claim) 49
HashMap (java.util.HashMap) 40
VoidRequest (com.auth0.net.VoidRequest) 31
RSAPublicKey (java.security.interfaces.RSAPublicKey) 31
Test (org.junit.jupiter.api.Test) 30
JWTDecodeException (com.auth0.jwt.exceptions.JWTDecodeException) 28
JWTCreator (com.auth0.jwt.JWTCreator) 21
RSAPrivateKey (java.security.interfaces.RSAPrivateKey) 21
JWT (com.auth0.jwt.JWT) 20
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper) 19
UnsupportedEncodingException (java.io.UnsupportedEncodingException) 18
Instant (java.time.Instant) 18
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 17