use of com.auth0.jwt.Algorithm in project drug-formulary-ri by HL7-DaVinci.
the class IntrospectionEndpoint method handleIntrospection.
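/**
 * Builds the token introspection response for an access token.
 *
 * <p>The token is verified as an RS256-signed JWT against the key returned by
 * {@code OauthEndpointController.getPublicKey()}, and its issuer and audience must both
 * match the FHIR base URL. The HTTP status is always 200; callers must read the
 * {@code active} field to decide whether the token is usable.
 *
 * @param token the access token to introspect
 * @return a 200 response whose JSON body holds {@code active: true} together with
 *         {@code aud}, {@code iss}, {@code exp}, {@code iat} and {@code patient_id} for a
 *         verified token, or only {@code active: false} otherwise
 */
public static ResponseEntity<String> handleIntrospection(String token) {
    JSONObject response = new JSONObject();
    String baseUrl = AuthUtils.getFhirBaseUrl();
    try {
        // Only verification happens here, so no private key is supplied.
        Algorithm algorithm = Algorithm.RSA256(OauthEndpointController.getPublicKey(), null);
        JWTVerifier verifier = JWT.require(algorithm).withIssuer(baseUrl).withAudience(baseUrl).build();
        DecodedJWT jwt = verifier.verify(token);
        if (jwt.getExpiresAt() == null || jwt.getIssuedAt() == null) {
            // Fail closed: getExpiresAt()/getIssuedAt() return null when the claim is absent.
            // Without this guard the conversions below throw a NullPointerException, and a
            // correctly signed token with no expiry must not be reported as active.
            response.put("active", false);
        } else {
            response.put("active", true);
            // The verifier guarantees baseUrl is among the audiences; the first entry is reported.
            response.put("aud", jwt.getAudience().get(0));
            response.put("iss", jwt.getIssuer());
            // Reported in seconds, not milliseconds.
            response.put("exp", jwt.getExpiresAt().getTime() / 1000);
            response.put("iat", jwt.getIssuedAt().getTime() / 1000);
            response.put("patient_id", jwt.getClaim("patient_id").asString());
        }
    } catch (JWTVerificationException exception) {
        // Any verification failure is reported as an inactive token, with no reason given.
        response.put("active", false);
    }
    return new ResponseEntity<>(response.toString(), HttpStatus.OK);
}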
use of com.auth0.jwt.Algorithm in project drug-formulary-ri by HL7-DaVinci.
the class PatientAuthorizationInterceptor method verify.
/**
 * Validates an access token and extracts the patient it was issued for.
 *
 * <p>The token must be an RS256-signed JWT that verifies against the key returned by
 * {@code OauthEndpointController.getPublicKey()}, with issuer and audience both equal to
 * {@code fhirBaseUrl}. Verification failures are not caught here; they propagate to the
 * caller, which has to treat them as "not authorized".
 *
 * @param token - the access token
 * @param fhirBaseUrl - the base url of this FHIR server, used as the expected iss and aud
 * @return a {@code Patient} id built from the {@code patient_id} claim, or null when
 *         {@code asString()} yields null for that claim
 * @throws SignatureVerificationException if the signature does not verify
 * @throws TokenExpiredException if the token has expired
 * @throws JWTVerificationException for any other verification failure
 */
private IIdType verify(String token, String fhirBaseUrl) throws SignatureVerificationException, TokenExpiredException, JWTVerificationException {
    // Only verification happens here, so no private key is supplied.
    Algorithm rs256 = Algorithm.RSA256(OauthEndpointController.getPublicKey(), null);
    logger.fine("Verifying JWT token iss and aud is " + fhirBaseUrl);
    DecodedJWT decoded = JWT.require(rs256)
            .withIssuer(fhirBaseUrl)
            .withAudience(fhirBaseUrl)
            .build()
            .verify(token);
    String patientId = decoded.getClaim("patient_id").asString();
    // A verified token without a patient_id claim yields null rather than an exception,
    // so callers must handle null as "no patient bound to this token".
    return patientId == null ? null : new IdType("Patient", patientId);
}
use of com.auth0.jwt.Algorithm in project drug-formulary-ri by HL7-DaVinci.
the class AuthUtils method authCodeIsValid.
/**
 * Checks the authorization code presented to the /token endpoint and resolves the patient
 * it was issued for.
 *
 * <p>The code is verified as an RS256-signed JWT whose issuer and audience equal
 * {@code baseUrl} and whose redirect URI and client ID claims equal the values supplied with
 * the request. Binding the code to both values means a code issued to one client or redirect
 * URI is rejected when presented with another.
 *
 * <p>NOTE(review): nothing in this method records that a code has been used; confirm that
 * single-use enforcement, if required, is handled elsewhere.
 *
 * @param code - the authorization code provided in the request
 * @param baseUrl - this server base URL
 * @param redirectURI - the requestor/client redirect URI provided in the POST request
 * @param clientId - the client ID retrieved from the request's Authorization header
 * @return the patient ID of the user named in the code, or null when verification fails or
 *         no such user is found
 */
public static String authCodeIsValid(String code, String baseUrl, String redirectURI, String clientId) {
    try {
        // Only verification happens here, so no private key is supplied.
        Algorithm rs256 = Algorithm.RSA256(OauthEndpointController.getPublicKey(), null);
        DecodedJWT decoded = JWT.require(rs256)
                .withIssuer(baseUrl)
                .withAudience(baseUrl)
                .withClaim(REDIRECT_URI_KEY, redirectURI)
                .withClaim(CLIENT_ID_KEY, clientId)
                .build()
                .verify(code);
        User user = User.getUser(decoded.getClaim("username").asString());
        if (user == null) {
            return null;
        }
        return user.getPatientId();
    } catch (SignatureVerificationException | InvalidClaimException e) {
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: Signature invalid or claim value invalid", e);
    } catch (AlgorithmMismatchException e) {
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: Algorithm mismatch", e);
    } catch (TokenExpiredException e) {
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: Token expired", e);
    } catch (JWTVerificationException e) {
        // Catch-all for the remaining verification failures.
        logger.log(Level.SEVERE, "TokenEndpoint::Authorization code is invalid: Please obtain a new code", e);
    }
    // Every verification failure ends here: the caller only learns that the code is unusable.
    return null;
}
use of com.auth0.jwt.Algorithm in project goobi-workflow by intranda.
the class JwtHelper method verifyTokenWithRotationTime.
/**
 * Verifies an HS256 token whose key is the configured secret followed by a rotation time.
 *
 * <p>Verification failures are not caught here; they propagate to the caller.
 *
 * @param token the token to verify
 * @param secret the shared secret
 * @param lastRotationTime the rotation time appended to the secret to form the HMAC key
 * @return the decoded token once the signature and the "Goobi" issuer have been verified
 */
private static DecodedJWT verifyTokenWithRotationTime(String token, String secret, long lastRotationTime) {
    // NOTE(review): string concatenation turns a null secret into the literal "null", so the
    // key would then be "null" plus the rotation time; confirm callers reject a missing
    // secret before calling this method.
    String rotatedKey = secret + lastRotationTime;
    return JWT.require(Algorithm.HMAC256(rotatedKey))
            .withIssuer("Goobi")
            .build()
            .verify(token);
}
use of com.auth0.jwt.Algorithm in project goobi-workflow by intranda.
the class JwtHelper method createToken.
/**
 * Creates a signed token with issuer "Goobi" that carries the given claims.
 *
 * @param map claim names and values to embed; must not be null or empty
 * @param expiryDate the expiry to set on the token
 * @return the signed, serialized token
 * @throws ConfigurationException if no JWT secret is configured or the map is null or empty
 */
public static String createToken(Map<String, String> map, Date expiryDate) throws ConfigurationException {
    String secret = ConfigurationHelper.getInstance().getJwtSecret();
    if (secret == null) {
        throw new ConfigurationException("Could not get JWT secret from configuration. Please configure the key 'jwtSecret' in the file goobi_config.properties");
    }
    if (map == null || map.isEmpty()) {
        throw new ConfigurationException("Could not generate token from an empty map.");
    }
    Algorithm signer = createSigningAlgorithm(secret);
    Builder builder = JWT.create().withIssuer("Goobi");
    // NOTE(review): claim names come straight from the map; confirm callers cannot supply a
    // registered name such as "iss", which would be set after the issuer above.
    for (Map.Entry<String, String> claim : map.entrySet()) {
        builder = builder.withClaim(claim.getKey(), claim.getValue());
    }
    // The expiry is applied after the map's claims, so it is the last value written.
    // NOTE(review): expiryDate is passed through unchecked; confirm callers never pass null,
    // since the token would presumably then carry no usable expiry.
    return builder.withExpiresAt(expiryDate).sign(signer);
}