Examples with Claim com.auth0.jwt.Claim used on opensource projects

Search in sources :

Example 41 with Claim

use of com.auth0.jwt.Claim in project openware by open-inc.

the class UserService method jwtToUser.

public User jwtToUser(String token) {
    if (jwtVerifier == null)
        return null;
    try {
        DecodedJWT userJWT = jwtVerifier.verify(token);
        Claim userid = userJWT.getClaim("uid");
        if (!userid.isNull())
            return getUserByUID(userid.asString());
        Claim username = userJWT.getClaim("username");
        if (!username.isNull())
            return getUserByUsername(username.asString());
        Claim usermail = userJWT.getClaim("usermail");
        if (!usermail.isNull())
            return getActiveUsers().stream().filter(new Predicate<User>() {

                @Override
                public boolean test(User t) {
                    return t.getEmail().toLowerCase().equals(usermail.asString().toLowerCase());
                }
            }).findFirst().get();
        return null;
    } catch (JWTVerificationException e) {
        return null;
    }
}
Also used : JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) User(de.openinc.model.user.User) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim) Predicate(java.util.function.Predicate)

Example 42 with Claim

use of com.auth0.jwt.Claim in project foundation-java by soffalabs.

the class DefaultJwtProcessor method decode.

@Override
public Optional<Authentication> decode(String token, ClaimsExtractor claimsExtractor) {
    try {
        Algorithm algorithm = Algorithm.HMAC256(config.getSecret());
        JWTVerifier verifier = JWT.require(algorithm).withIssuer(config.getIssuer()).build();
        DecodedJWT jwt = verifier.verify(token);
        Map<String, Claim> baseClaims = jwt.getClaims();
        Map<String, Object> claims = new HashMap<>();
        for (Map.Entry<String, Claim> entry : baseClaims.entrySet()) {
            claims.put(entry.getKey(), entry.getValue().asString());
        }
        return Optional.of(claimsExtractor.extractInfo(new Jwt(token, jwt.getSubject(), claims)));
    } catch (Exception e) {
        LOG.error(e);
        return Optional.empty();
    }
}
Also used : HashMap(java.util.HashMap) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Map(java.util.Map) HashMap(java.util.HashMap) Claim(com.auth0.jwt.interfaces.Claim)

Example 43 with Claim

use of com.auth0.jwt.Claim in project libresonic by Libresonic.

the class JWTAuthenticationProvider method authenticate.

@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
    JWTAuthenticationToken authentication = (JWTAuthenticationToken) auth;
    if (authentication.getCredentials() == null || !(authentication.getCredentials() instanceof String)) {
        logger.error("Credentials not present");
        return null;
    }
    String rawToken = (String) auth.getCredentials();
    DecodedJWT token = JWTSecurityService.verify(jwtKey, rawToken);
    Claim path = token.getClaim(JWTSecurityService.CLAIM_PATH);
    authentication.setAuthenticated(true);
    // TODO:AD This is super unfortunate, but not sure there is a better way when using JSP
    if (StringUtils.contains(authentication.getRequestedPath(), "/WEB-INF/jsp/")) {
        logger.warn("BYPASSING AUTH FOR WEB-INF page");
    } else if (!roughlyEqual(path.asString(), authentication.getRequestedPath())) {
        throw new InsufficientAuthenticationException("Credentials not valid for path " + authentication.getRequestedPath() + ". They are valid for " + path.asString());
    }
    List<GrantedAuthority> authorities = new ArrayList<>();
    authorities.add(new SimpleGrantedAuthority("IS_AUTHENTICATED_FULLY"));
    authorities.add(new SimpleGrantedAuthority("ROLE_TEMP"));
    return new JWTAuthenticationToken(authorities, rawToken, authentication.getRequestedPath());
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) InsufficientAuthenticationException(org.springframework.security.authentication.InsufficientAuthenticationException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim)

Example 44 with Claim

use of com.auth0.jwt.Claim in project nexus-public by sonatype.

the class JwtHelperTest method assertJwt.

private void assertJwt(final String jwt) {
    DecodedJWT decode = decodeJwt(jwt);
    Claim user = decode.getClaim(USER);
    Claim userId = decode.getClaim(USER_SESSION_ID);
    Claim issuer = decode.getClaim("iss");
    Claim realm = decode.getClaim(REALM);
    assertEquals("admin", user.asString());
    assertNotNull(userId.asString());
    assertEquals(ISSUER, issuer.asString());
    assertEquals("NexusAuthorizingRealm", realm.asString());
}
Also used : DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim)

Example 45 with Claim

use of com.auth0.jwt.Claim in project nexus-public by sonatype.

the class JwtHelperTest method testVerifyAndRefresh_success.

@Test
public void testVerifyAndRefresh_success() throws Exception {
    String jwt = makeValidJwt();
    DecodedJWT decodedJWT = decodeJwt(jwt);
    Cookie refreshed = underTest.verifyAndRefreshJwtCookie(jwt);
    assertCookie(refreshed);
    DecodedJWT refreshedJwt = decodeJwt(refreshed.getValue());
    Claim userSessionId = decodedJWT.getClaim(USER_SESSION_ID);
    assertEquals(userSessionId.asString(), refreshedJwt.getClaim(USER_SESSION_ID).asString());
    assertJwt(refreshed.getValue());
}
Also used : Cookie(javax.servlet.http.Cookie) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim) Test(org.junit.Test)

Aggregations

Claim (com.auth0.jwt.interfaces.Claim)110 Test (org.junit.Test)67 DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)62 JsonNode (com.fasterxml.jackson.databind.JsonNode)42 Algorithm (com.auth0.jwt.algorithms.Algorithm)24 Date (java.util.Date)24 JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)21 RSAPublicKey (java.security.interfaces.RSAPublicKey)21 Test (org.junit.jupiter.api.Test)18 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)17 JWTVerifier (com.auth0.jwt.JWTVerifier)15 JwksTestKeySource (org.sdase.commons.server.auth.service.testsources.JwksTestKeySource)14 JsonObject (com.google.gson.JsonObject)10 HashMap (java.util.HashMap)9 UserPojo (com.auth0.jwt.UserPojo)8 IOException (java.io.IOException)8 Map (java.util.Map)8 TestingProcessManager (io.supertokens.test.TestingProcessManager)7 NullClaim (com.auth0.jwt.impl.NullClaim)5 JWT (com.auth0.jwt.JWT)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial