Example 1 with JwkProvider

Use of com.auth0.jwk.JwkProvider in project snow-owl by b2ihealthcare.

Class IdentityPlugin, method createRSAKeyProvider.

private RSAKeyProvider createRSAKeyProvider(IdentityConfiguration conf) throws MalformedURLException {
    final String privateKeyId;
    final RSAPrivateKey privateKey;
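    // read private key if provided
    if (!Strings.isNullOrEmpty(conf.getSigningKey())) {
        // the key id is a hash of the configured key text; Guava's goodFastHash is seeded per JVM run,
        // so this id is not stable across restarts
        privateKeyId = Hashing.goodFastHash(16).hashString(conf.getSigningKey(), Charsets.UTF_8).toString();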
        privateKey = readPrivateKey(conf.getSigningKey());
    } else {
        privateKeyId = null;
        privateKey = null;
    }
    if (!Strings.isNullOrEmpty(conf.getJwksUrl())) {
        // prefer JSON Web Key Set provider URLs (if set) for token verification
        // cache up to 5 keys for 24 hours; rate-limit JWKS fetches (bucket size 10, refill rate 1 per minute)
        JwkProvider jwkProvider = new JwkProviderBuilder(new URL(conf.getJwksUrl()))
            .cached(5, 24, TimeUnit.HOURS)
            .rateLimited(10, 1, TimeUnit.MINUTES)
            .build();
        return new RSAKeyProvider() {

            @Override
            public RSAPublicKey getPublicKeyById(String kid) {
                try {
                    return (RSAPublicKey) jwkProvider.get(kid).getPublicKey();
                } catch (JwkException e) {
                    throw new SnowowlRuntimeException(e.getMessage(), e);
                }
            }

            @Override
            public String getPrivateKeyId() {
                return privateKeyId;
            }

            @Override
            public RSAPrivateKey getPrivateKey() {
                return privateKey;
            }
        };
    } else if (!Strings.isNullOrEmpty(conf.getVerificationKey())) {
        // if JWKS is not set, then fall back to verification key if set
        RSAPublicKey publicKey = readPublicKey(conf.getVerificationKey());
        return new RSAKeyProvider() {

            @Override
            public RSAPublicKey getPublicKeyById(String kid) {
                // single statically configured key: the kid argument is ignored
                return publicKey;
            }

            @Override
            public String getPrivateKeyId() {
                return privateKeyId;
            }

            @Override
            public RSAPrivateKey getPrivateKey() {
                return privateKey;
            }
        };
    } else {
        // if neither the jwksUrl nor the verificationKey setting is configured, then this is not an RSA configuration
        // (or it is an invalid configuration, which is raised when creating the algorithm instance)
        return null;
    }
}
Also used : RSAKeyProvider(com.auth0.jwt.interfaces.RSAKeyProvider) RSAPublicKey(java.security.interfaces.RSAPublicKey) JwkProvider(com.auth0.jwk.JwkProvider) JwkProviderBuilder(com.auth0.jwk.JwkProviderBuilder) JwkException(com.auth0.jwk.JwkException) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) URL(java.net.URL) SnowowlRuntimeException(com.b2international.snowowl.core.api.SnowowlRuntimeException)

Example 2 with JwkProvider

Use of com.auth0.jwk.JwkProvider in project tutorials by eugenp.

Class OpenIdConnectFilter, method verifier.

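private RsaVerifier verifier(String kid) throws Exception {
    // UrlJwkProvider does no caching, so a new provider is built and the JWKS is fetched on every call
    JwkProvider provider = new UrlJwkProvider(new URL(jwkUrl));
    // look up the key matching the given kid; throws if no such key is found
    Jwk jwk = provider.get(kid);
    return new RsaVerifier((RSAPublicKey) jwk.getPublicKey());
}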
Also used : RsaVerifier(org.springframework.security.jwt.crypto.sign.RsaVerifier) UrlJwkProvider(com.auth0.jwk.UrlJwkProvider) JwkProvider(com.auth0.jwk.JwkProvider) URL(java.net.URL) Jwk(com.auth0.jwk.Jwk)

Aggregations

JwkProvider (com.auth0.jwk.JwkProvider): 2
URL (java.net.URL): 2
Jwk (com.auth0.jwk.Jwk): 1
JwkException (com.auth0.jwk.JwkException): 1
JwkProviderBuilder (com.auth0.jwk.JwkProviderBuilder): 1
UrlJwkProvider (com.auth0.jwk.UrlJwkProvider): 1
RSAKeyProvider (com.auth0.jwt.interfaces.RSAKeyProvider): 1
SnowowlRuntimeException (com.b2international.snowowl.core.api.SnowowlRuntimeException): 1
RSAPrivateKey (java.security.interfaces.RSAPrivateKey): 1
RSAPublicKey (java.security.interfaces.RSAPublicKey): 1
RsaVerifier (org.springframework.security.jwt.crypto.sign.RsaVerifier): 1