Example 56 with Claim

use of com.auth0.jwt.Claim in project singleton by vmware.

the class JwtTokenService method verifyToken.

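public Map<String, Claim> verifyToken(String token) throws Exception {
    // Build a verifier that only accepts HS256 tokens signed with the configured shared secret.
    JWTVerifier verifier = JWT.require(Algorithm.HMAC256(authConfig.getJwtSecret())).build();
    DecodedJWT decoded;
    try {
        // verify() checks the signature and the time-based claims that are present (e.g. exp); it throws on failure.
        decoded = verifier.verify(token);
    } catch (Exception e) {
        // Verification failed: log and rethrow so the caller never receives unverified claims.
        logger.error(e.getMessage(), e);
        throw new RuntimeException(e);
    }
    return decoded.getClaims();
}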
Also used : JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 57 with Claim

use of com.auth0.jwt.Claim in project auth0-full-stack-java-example by oktadev.

the class UserService method getUser.

private static User getUser(Map<String, Object> details) {
    User user = new User();
    Boolean activated = Boolean.TRUE;
    String sub = String.valueOf(details.get("sub"));
    String username = null;
    if (details.get("preferred_username") != null) {
        username = ((String) details.get("preferred_username")).toLowerCase();
    }
    // handle resource server JWT, where sub claim is email and uid is ID
    if (details.get("uid") != null) {
        user.setId((String) details.get("uid"));
        user.setLogin(sub);
    } else {
        user.setId(sub);
    }
    if (username != null) {
        user.setLogin(username);
    } else if (user.getLogin() == null) {
        user.setLogin(user.getId());
    }
    if (details.get("given_name") != null) {
        user.setFirstName((String) details.get("given_name"));
    } else if (details.get("name") != null) {
        user.setFirstName((String) details.get("name"));
    }
    if (details.get("family_name") != null) {
        user.setLastName((String) details.get("family_name"));
    }
    if (details.get("email_verified") != null) {
        activated = (Boolean) details.get("email_verified");
    }
    if (details.get("email") != null) {
        user.setEmail(((String) details.get("email")).toLowerCase());
    } else if (sub.contains("|") && (username != null && username.contains("@"))) {
        // special handling for Auth0
        user.setEmail(username);
    } else {
        user.setEmail(sub);
    }
    if (details.get("langKey") != null) {
        user.setLangKey((String) details.get("langKey"));
    } else if (details.get("locale") != null) {
        // trim off country code if it exists
        String locale = (String) details.get("locale");
        if (locale.contains("_")) {
            locale = locale.substring(0, locale.indexOf('_'));
        } else if (locale.contains("-")) {
            locale = locale.substring(0, locale.indexOf('-'));
        }
        user.setLangKey(locale.toLowerCase());
    } else {
        // set langKey to default if not specified by IdP
        user.setLangKey(Constants.DEFAULT_LANGUAGE);
    }
    if (details.get("picture") != null) {
        user.setImageUrl((String) details.get("picture"));
    }
    user.setActivated(activated);
    return user;
}
Also used : User(com.auth0.flickr2.domain.User)

Example 58 with Claim

use of com.auth0.jwt.Claim in project nexus-public by sonatype.

the class JwtSecurityFilter method createSubject.

@Override
protected WebSubject createSubject(final ServletRequest request, final ServletResponse response) {
    Cookie[] cookies = ((HttpServletRequest) request).getCookies();
    if (cookies != null) {
        Optional<Cookie> jwtCookie = stream(cookies).filter(cookie -> cookie.getName().equals(JWT_COOKIE_NAME)).findFirst();
        if (jwtCookie.isPresent()) {
            Cookie cookie = jwtCookie.get();
            SimpleSession session = new SimpleSession(request.getRemoteHost());
            DecodedJWT decodedJwt;
            String jwt = cookie.getValue();
            if (!Strings2.isEmpty(jwt)) {
                try {
                    decodedJwt = jwtHelper.verifyJwt(jwt);
                } catch (JwtVerificationException e) {
                    log.debug("Expire and reset the JWT cookie due to the error: {}", e.getMessage());
                    cookie.setValue("");
                    cookie.setMaxAge(0);
                    WebUtils.toHttp(response).addCookie(cookie);
                    return super.createSubject(request, response);
                }
                Claim user = decodedJwt.getClaim(USER);
                Claim realm = decodedJwt.getClaim(REALM);
                PrincipalCollection principals = new SimplePrincipalCollection(user.asString(), realm.asString());
                session.setTimeout(TimeUnit.SECONDS.toMillis(jwtHelper.getExpirySeconds()));
                session.setAttribute(JWT_COOKIE_NAME, jwt);
                return new WebDelegatingSubject(principals, true, request.getRemoteHost(), session, true, request, response, getSecurityManager());
            }
        }
    }
    return super.createSubject(request, response);
}
Also used : Cookie(javax.servlet.http.Cookie) REALM(org.sonatype.nexus.security.JwtHelper.REALM) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) JwtVerificationException(org.sonatype.nexus.security.jwt.JwtVerificationException) WebSecurityManager(org.apache.shiro.web.mgt.WebSecurityManager) WebSubject(org.apache.shiro.web.subject.WebSubject) LoggerFactory(org.slf4j.LoggerFactory) WebDelegatingSubject(org.apache.shiro.web.subject.support.WebDelegatingSubject) Singleton(javax.inject.Singleton) JWT_COOKIE_NAME(org.sonatype.nexus.security.JwtHelper.JWT_COOKIE_NAME) Inject(javax.inject.Inject) HttpServletRequest(javax.servlet.http.HttpServletRequest) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) Claim(com.auth0.jwt.interfaces.Claim) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SimpleSession(org.apache.shiro.session.mgt.SimpleSession) ServletRequest(javax.servlet.ServletRequest) Logger(org.slf4j.Logger) Preconditions.checkNotNull(com.google.common.base.Preconditions.checkNotNull) FilterChainResolver(org.apache.shiro.web.filter.mgt.FilterChainResolver) WebUtils(org.apache.shiro.web.util.WebUtils) TimeUnit(java.util.concurrent.TimeUnit) Strings2(org.sonatype.nexus.common.text.Strings2) ServletResponse(javax.servlet.ServletResponse) USER(org.sonatype.nexus.security.JwtHelper.USER) Optional(java.util.Optional) Arrays.stream(java.util.Arrays.stream)

Example 59 with Claim

use of com.auth0.jwt.Claim in project java-jwt by auth0.

the class JsonNodeClaimTest method shouldGetNullMapIfNonArrayValue.

@Test
public void shouldGetNullMapIfNonArrayValue() {
    JsonNode value = mapper.valueToTree(1);
    Claim claim = claimFromNode(value);
    assertThat(claim.asMap(), is(nullValue()));
}
Also used : JsonNode(com.fasterxml.jackson.databind.JsonNode) Claim(com.auth0.jwt.interfaces.Claim) Test(org.junit.Test)

Example 60 with Claim

use of com.auth0.jwt.Claim in project java-jwt by auth0.

the class JsonNodeClaimTest method shouldGetNullMapIfNullValue.

@Test
public void shouldGetNullMapIfNullValue() {
    JsonNode value = mapper.valueToTree(null);
    Claim claim = claimFromNode(value);
    assertThat(claim.asMap(), is(nullValue()));
}
Also used : JsonNode(com.fasterxml.jackson.databind.JsonNode) Claim(com.auth0.jwt.interfaces.Claim) Test(org.junit.Test)
