
Example 76 with JWT

use of com.auth0.jwt.JWT in project data-transfer-project by google.

the class JWTTokenManager method getJobIdFromToken.

@Override
public UUID getJobIdFromToken(String token) {
    try {
        DecodedJWT jwt = verifier.verify(token);
        // Token is verified, get claim
        Claim claim = jwt.getClaim(JWTTokenManager.ID_CLAIM_KEY);
        if (claim.isNull()) {
            return null;
        }
        return UUID.fromString(claim.asString());
    } catch (JWTVerificationException exception) {
        // Keep the raw token out of the exception message (it would end up in logs); chain the cause instead
        throw new RuntimeException("Error verifying token", exception);
    }
}
Also used : JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim)

Example 77 with JWT

use of com.auth0.jwt.JWT in project data-transfer-project by google.

the class JWTTokenManager method getJobIdFromToken.

@Override
public UUID getJobIdFromToken(String token) {
    try {
        DecodedJWT jwt = verifier.verify(token);
        // Token is verified, get claim
        Claim claim = jwt.getClaim(JWTTokenManager.ID_CLAIM_KEY);
        if (claim.isNull()) {
            return null;
        }
        return UUID.fromString(claim.asString());
    } catch (JWTVerificationException exception) {
        logger.debug("Error verifying token", exception);
        // Keep the raw token out of the exception message (it would end up in logs); chain the cause instead
        throw new RuntimeException("Error verifying token", exception);
    }
}
Also used : JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim)

Example 78 with JWT

use of com.auth0.jwt.JWT in project wikidata-query-rdf by wikimedia.

the class TimeLimitedAccessTokenFactory method decide.

<T> T decide(String token, Supplier<T> good, Supplier<T> bad) {
    if (token == null) {
        return bad.get();
    }
    DecodedJWT decoded;
    try {
        decoded = verifier.verify(token);
    } catch (JWTVerificationException e) {
        return bad.get();
    }
    Claim claim = decoded.getClaim(USERNAME);
    if (claim.isNull()) {
        throw new IllegalStateException("All valid jwt tokens must have a username claim");
    }
    if (bannedUsernames.contains(claim.asString())) {
        return bad.get();
    }
    return good.get();
}
Also used : JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim)

Example 79 with JWT

use of com.auth0.jwt.JWT in project spring-boot by spring-projects.

the class OAuth2ResourceServerAutoConfigurationTests method autoConfigurationShouldConfigureResourceServerUsingJwkSetUriAndIssuerUri.

@SuppressWarnings("unchecked")
@Test
void autoConfigurationShouldConfigureResourceServerUsingJwkSetUriAndIssuerUri() throws Exception {
    this.server = new MockWebServer();
    this.server.start();
    String path = "test";
    String issuer = this.server.url(path).toString();
    String cleanIssuerPath = cleanIssuerPath(issuer);
    setupMockResponse(cleanIssuerPath);
    this.contextRunner
        .withPropertyValues(
            "spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://jwk-set-uri.com",
            "spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort() + "/" + path)
        .run((context) -> {
        assertThat(context).hasSingleBean(JwtDecoder.class);
        JwtDecoder jwtDecoder = context.getBean(JwtDecoder.class);
        DelegatingOAuth2TokenValidator<Jwt> jwtValidator = (DelegatingOAuth2TokenValidator<Jwt>) ReflectionTestUtils.getField(jwtDecoder, "jwtValidator");
        Collection<OAuth2TokenValidator<Jwt>> tokenValidators = (Collection<OAuth2TokenValidator<Jwt>>) ReflectionTestUtils.getField(jwtValidator, "tokenValidators");
        assertThat(tokenValidators).hasAtLeastOneElementOfType(JwtIssuerValidator.class);
    });
}
Also used : OAuth2TokenValidator(org.springframework.security.oauth2.core.OAuth2TokenValidator) DelegatingOAuth2TokenValidator(org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator) Jwt(org.springframework.security.oauth2.jwt.Jwt) SupplierJwtDecoder(org.springframework.security.oauth2.jwt.SupplierJwtDecoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) MockWebServer(okhttp3.mockwebserver.MockWebServer) Collection(java.util.Collection) DelegatingOAuth2TokenValidator(org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator) Test(org.junit.jupiter.api.Test)

Example 80 with JWT

use of com.auth0.jwt.JWT in project snow-owl by b2ihealthcare.

the class JWTConfigurationTest method hs512.

@Test
public void hs512() throws Exception {
    IdentityConfiguration conf = readConfig("hs512.yml");
    new IdentityPlugin().configureJWT(services, identityProvider, conf);
    // generate a token, then verify it without errors
    String jwt = services.getService(JWTGenerator.class).generate("test@example.com", Map.of());
    DecodedJWT decoded = services.getService(JWTVerifier.class).verify(jwt);
    assertThat(decoded.getAlgorithm()).isEqualTo("HS512");
}
Also used : DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) JWTVerifier(com.auth0.jwt.interfaces.JWTVerifier) Test(org.junit.Test)
