use of com.auth0.json.mgmt.Token in project eblocker by eblocker.
the class JsonWebTokenHandler method verifyToken.
/**
 * Verifies an encoded JSON Web Token and wraps its claims in a {@code TokenInfo}.
 *
 * <p>A new {@code JWTVerifier} is built from this handler's {@code secret}, {@code audience}
 * and {@code issuer} on every call. Every failure path ends in an
 * {@code UnauthorizedException}; the message key tells the caller whether the verifier rejected
 * the token ({@code error.token.invalid}) or the token could not be processed at all
 * ({@code error.token.corrupt}).
 *
 * @param encodedToken the serialized token to check
 * @return the claims returned by the verifier, wrapped in a {@code TokenInfo}
 * @throws UnauthorizedException if verification fails or the token cannot be processed
 */
public TokenInfo verifyToken(String encodedToken) {
    try {
        // Claims are only handed on once verify() has returned without throwing.
        Map<String, Object> verifiedClaims =
                new JWTVerifier(secret, audience, issuer).verify(encodedToken);
        return new TokenInfo(verifiedClaims);
    } catch (JWTVerifyException | SignatureException rejected) {
        // Rejected tokens are not logged in this method; the cause travels with the exception.
        throw new UnauthorizedException("error.token.invalid", rejected);
    } catch (IllegalStateException | GeneralSecurityException | IOException unreadable) {
        // Logs the exception message only; encodedToken is not passed to the logger.
        LOG.info("Received corrupted authn token: {}", unreadable.getMessage());
        throw new UnauthorizedException("error.token.corrupt", unreadable);
    }
}
use of com.auth0.json.mgmt.Token in project supertokens-core by supertokens.
the class JWTSigningFunctions method createJWTToken.
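/**
 * Creates and returns a signed JWT string.
 *
 * <p>Claims from {@code payload} are copied into the token as they are. {@code exp} and
 * {@code iat} are always overwritten, while {@code iss} is only filled in when the payload does
 * not already carry one, so an {@code iss} supplied in the payload wins over
 * {@code jwksDomain}. Callers that pass through externally supplied claims should filter them
 * before calling this method.
 *
 * @param main        The instance used to look up the {@link JWTSigningKey} singleton
 * @param algorithm   The signing algorithm to use when creating the token. Refer to
 *                    {@link JWTSigningKey.SupportedAlgorithms}. {@code null} is treated as an
 *                    unsupported algorithm.
 * @param payload     JSON object containing user defined claims to be added to the JWT payload
 * @param jwksDomain  Used as the issuer in the JWT payload when the payload has no {@code iss}
 * @param jwtValidity Validity in seconds; added to the current time to compute the {@code exp}
 *                    claim
 * @return String token
 * @throws StorageQueryException                   If there is an error interacting with the database
 * @throws StorageTransactionLogicException        If there is an error interacting with the database
 * @throws NoSuchAlgorithmException                If there is an error when using Java's cryptography packages
 * @throws InvalidKeySpecException                 If there is an error when using Java's cryptography packages
 * @throws JWTCreationException                    If there is an error when creating JWTs
 * @throws UnsupportedJWTSigningAlgorithmException If the algorithm provided does not match any of the supported
 *                                                 algorithms
 */
@SuppressWarnings("unchecked")
public static String createJWTToken(Main main, String algorithm, JsonObject payload, String jwksDomain,
        long jwtValidity)
        throws StorageQueryException, StorageTransactionLogicException, NoSuchAlgorithmException,
        InvalidKeySpecException, JWTCreationException, UnsupportedJWTSigningAlgorithmException {
    // TODO: In the future we will have a way for the user to send a custom key id to use

    // Enum.valueOf(null) throws NullPointerException rather than IllegalArgumentException, so a
    // missing algorithm is rejected here with the same checked exception as an unknown one.
    if (algorithm == null) {
        throw new UnsupportedJWTSigningAlgorithmException();
    }

    // The enum lookup works as an allowlist: a string that is not a SupportedAlgorithms constant
    // is rejected before any key is fetched or created.
    JWTSigningKey.SupportedAlgorithms supportedAlgorithm;
    try {
        supportedAlgorithm = JWTSigningKey.SupportedAlgorithms.valueOf(algorithm);
    } catch (IllegalArgumentException e) {
        // If it enters this block then the string value provided does not match the algorithms we support
        throw new UnsupportedJWTSigningAlgorithmException();
    }

    JWTSigningKeyInfo keyToUse = JWTSigningKey.getInstance(main)
            .getOrCreateAndGetKeyForAlgorithm(supportedAlgorithm);

    // Get an instance of auth0's Algorithm which is needed when signing using auth0's package
    Algorithm signingAlgorithm = getAuth0Algorithm(supportedAlgorithm, keyToUse);

    // Create the claims for the JWT header
    Map<String, Object> headerClaims = new HashMap<>();
    // All examples in the RFC have the algorithm in upper case. Locale.ROOT keeps the header
    // value independent of the JVM's default locale.
    headerClaims.put("alg", supportedAlgorithm.name().toUpperCase(java.util.Locale.ROOT));
    headerClaims.put("typ", "JWT");
    headerClaims.put("kid", keyToUse.keyId);

    long currentTimeInMillis = System.currentTimeMillis();

    // JWT expiry is seconds from epoch, not millis. The current time is rounded up here and
    // rounded down for iat below, so exp - iat can be jwtValidity + 1.
    long jwtExpiry = (long) Math.ceil(currentTimeInMillis / 1000.0) + jwtValidity;

    // Add relevant claims to the payload, note we only add/override ones that we absolutely need to.
    Map<String, Object> jwtPayload = new Gson().fromJson(payload, HashMap.class);
    // putIfAbsent: an "iss" already present in the payload is kept and jwksDomain is ignored.
    jwtPayload.putIfAbsent("iss", jwksDomain);
    jwtPayload.put("exp", jwtExpiry);
    // JWT uses seconds from epoch not millis
    jwtPayload.put("iat", currentTimeInMillis / 1000);

    return com.auth0.jwt.JWT.create()
            .withPayload(jwtPayload)
            .withHeader(headerClaims)
            .sign(signingAlgorithm);
}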
use of com.auth0.json.mgmt.Token in project auth0-java by auth0.
the class OrganizationsEntity method deleteInvitation.
/**
 * Delete an invitation. A token with {@code delete:organization_invitations} scope is required.
 *
 * <p>This method only builds the request and attaches the bearer token; nothing is sent until
 * the returned request is executed.
 *
 * @param orgId the ID of the organization
 * @param invitationId the ID of the invitation to delete
 * @return a Request to execute
 *
 * @see <a href="https://auth0.com/docs/api/management/v2#!/Organizations/delete_invitations_by_invitation_id">https://auth0.com/docs/api/management/v2#!/Organizations/delete_invitations_by_invitation_id</a>
 */
public Request<Void> deleteInvitation(String orgId, String invitationId) {
    Asserts.assertNotNull(orgId, "organization ID");
    Asserts.assertNotNull(invitationId, "invitation ID");

    // Each ID is added with addPathSegment (singular), one call per ID.
    // NOTE(review): presumably the builder percent-encodes the value so an ID cannot introduce
    // extra path segments; confirm against the type of baseUrl.
    String endpoint = baseUrl
            .newBuilder()
            .addPathSegments(ORGS_PATH)
            .addPathSegment(orgId)
            .addPathSegment("invitations")
            .addPathSegment(invitationId)
            .build()
            .toString();

    VoidRequest deleteRequest = new VoidRequest(client, endpoint, "DELETE");
    deleteRequest.addHeader(AUTHORIZATION_HEADER, "Bearer " + apiToken);
    return deleteRequest;
}
use of com.auth0.json.mgmt.Token in project auth0-java by auth0.
the class OrganizationsEntity method addMembers.
/**
 * Add members to an organization. A token with {@code create:organization_members} scope is required.
 *
 * <p>This method only builds the request, attaches the bearer token and sets the body; nothing
 * is sent until the returned request is executed.
 *
 * @param orgId the ID of the organization
 * @param members The members to add
 * @return a Request to execute
 *
 * @see <a href="https://auth0.com/docs/api/management/v2#!/Organizations/post_members">https://auth0.com/docs/api/management/v2#!/Organizations/post_members</a>
 */
public Request<Void> addMembers(String orgId, Members members) {
    Asserts.assertNotNull(orgId, "organization ID");
    Asserts.assertNotNull(members, "members");

    // The organization ID is added with addPathSegment (singular), so it is one segment.
    // NOTE(review): presumably the builder percent-encodes the value; confirm against the type
    // of baseUrl.
    String endpoint = baseUrl
            .newBuilder()
            .addPathSegments(ORGS_PATH)
            .addPathSegment(orgId)
            .addPathSegment("members")
            .build()
            .toString();

    VoidRequest postRequest = new VoidRequest(client, endpoint, "POST");
    postRequest.addHeader(AUTHORIZATION_HEADER, "Bearer " + apiToken);
    postRequest.setBody(members);
    return postRequest;
}
use of com.auth0.json.mgmt.Token in project auth0-java by auth0.
the class OrganizationsEntity method deleteConnection.
/**
 * Delete a connection from an organization. A token with {@code delete:organization_connections} scope is required.
 *
 * <p>This method only builds the request and attaches the bearer token; nothing is sent until
 * the returned request is executed.
 *
 * @param orgId the ID of the organization
 * @param connectionId the ID of the connection to delete
 * @return a Request to execute
 *
 * @see <a href="https://auth0.com/docs/api/management/v2#!/Organizations/delete_enabled_connections_by_connectionId">https://auth0.com/docs/api/management/v2#!/Organizations/delete_enabled_connections_by_connectionId</a>
 */
public Request<Void> deleteConnection(String orgId, String connectionId) {
    Asserts.assertNotNull(orgId, "organization ID");
    Asserts.assertNotNull(connectionId, "connection ID");

    // Each ID is added with addPathSegment (singular), one call per ID.
    // NOTE(review): presumably the builder percent-encodes the value so an ID cannot introduce
    // extra path segments; confirm against the type of baseUrl.
    String endpoint = baseUrl
            .newBuilder()
            .addPathSegments(ORGS_PATH)
            .addPathSegment(orgId)
            .addPathSegment("enabled_connections")
            .addPathSegment(connectionId)
            .build()
            .toString();

    VoidRequest deleteRequest = new VoidRequest(client, endpoint, "DELETE");
    deleteRequest.addHeader(AUTHORIZATION_HEADER, "Bearer " + apiToken);
    return deleteRequest;
}