use of com.auth0.jwt.JWT in project snow-owl by b2ihealthcare.
the class JWTConfigurationTest method hs256.
/**
 * Round-trips a token through the JWT services configured from {@code hs256.yml}:
 * a token is generated, verified, and its header algorithm is checked to be HS256.
 */
@Test
public void hs256() throws Exception {
    IdentityConfiguration identityConfig = readConfig("hs256.yml");
    new IdentityPlugin().configureJWT(services, identityProvider, identityConfig);

    // Issue a token with the configured generator, then verify it; verify() must not throw.
    JWTGenerator generator = services.getService(JWTGenerator.class);
    String token = generator.generate("test@example.com", Map.of());
    JWTVerifier verifier = services.getService(JWTVerifier.class);
    DecodedJWT verified = verifier.verify(token);

    // The algorithm is asserted on the verified token, not on a merely decoded one.
    assertThat(verified.getAlgorithm()).isEqualTo("HS256");
}
use of com.auth0.jwt.JWT in project flow by vaadin.
the class JwtSecurityUtils method getAuthenticatedUser.
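/**
 * Resolves the current user from the security context.
 *
 * <p>Only a principal of type {@code Jwt} is accepted; the user name is read from the
 * token's {@code sub} claim. The returned user has an empty password and no authorities.
 *
 * @return the user details for the JWT principal, or {@code null} when the context holds
 *         no authentication or the principal is not a {@code Jwt}
 */
public UserDetails getAuthenticatedUser() {
    SecurityContext context = SecurityContextHolder.getContext();
    // An empty context has no Authentication at all; return null here instead of
    // failing with a NullPointerException on getPrincipal().
    if (context.getAuthentication() == null) {
        return null;
    }
    Object principal = context.getAuthentication().getPrincipal();
    if (principal instanceof Jwt) {
        // NOTE(review): a token without a "sub" claim yields a null user name here;
        // confirm how the User constructor treats that and whether callers expect null.
        String userName = ((Jwt) principal).getClaim("sub");
        return new User(userName, "", Collections.emptyList());
    }
    // Anonymous or non-JWT authentication.
    return null;
}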
use of com.auth0.jwt.JWT in project spring-security by spring-projects.
the class OAuth2LoginBeanDefinitionParserTests method requestWhenCustomGrantedAuthoritiesMapperThenCalled.
/**
 * Verifies that the configured authorities mapper decides the granted authorities of the
 * authenticated principal, first for a plain OAuth2 login ("github-login") and then for an
 * OIDC login ("google-login"). Every collaborator is a stubbed mock.
 */
// The raw Collection casts on the mapAuthorities stubs are what need the suppression.
@SuppressWarnings({ "unchecked", "rawtypes" })
@Test
public void requestWhenCustomGrantedAuthoritiesMapperThenCalled() throws Exception {
this.spring.configLocations(this.xml("MultiClientRegistration-WithCustomGrantedAuthorities")).autowire();
// Stored authorization request for the OAuth2 client registration.
Map<String, Object> attributes = new HashMap<>();
attributes.put(OAuth2ParameterNames.REGISTRATION_ID, "github-login");
OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().attributes(attributes).build();
given(this.authorizationRequestRepository.removeAuthorizationRequest(any(), any())).willReturn(authorizationRequest);
// Token endpoint and user-info lookups are stubbed; no network call is made.
OAuth2AccessTokenResponse accessTokenResponse = TestOAuth2AccessTokenResponses.accessTokenResponse().build();
given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(accessTokenResponse);
OAuth2User oauth2User = TestOAuth2Users.create();
given(this.oauth2UserService.loadUser(any())).willReturn(oauth2User);
// The mapper under test returns exactly one authority, whatever it is given.
given(this.userAuthoritiesMapper.mapAuthorities(any())).willReturn((Collection) AuthorityUtils.createAuthorityList("ROLE_OAUTH2_USER"));
// Callback parameters: the state is taken from the stored authorization request.
MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
params.add("code", "code123");
params.add("state", authorizationRequest.getState());
this.mvc.perform(get("/login/oauth2/code/github-login").params(params)).andExpect(status().is2xxSuccessful());
// Capture the Authentication handed to the success handler and check the mapped authority.
ArgumentCaptor<Authentication> authenticationCaptor = ArgumentCaptor.forClass(Authentication.class);
verify(this.authenticationSuccessHandler).onAuthenticationSuccess(any(), any(), authenticationCaptor.capture());
Authentication authentication = authenticationCaptor.getValue();
assertThat(authentication.getPrincipal()).isInstanceOf(OAuth2User.class);
assertThat(authentication.getAuthorities()).hasSize(1);
assertThat(authentication.getAuthorities()).first().isInstanceOf(SimpleGrantedAuthority.class).hasToString("ROLE_OAUTH2_USER");
// re-setup for OIDC test
attributes = new HashMap<>();
attributes.put(OAuth2ParameterNames.REGISTRATION_ID, "google-login");
authorizationRequest = TestOAuth2AuthorizationRequests.oidcRequest().attributes(attributes).build();
given(this.authorizationRequestRepository.removeAuthorizationRequest(any(), any())).willReturn(authorizationRequest);
accessTokenResponse = TestOAuth2AccessTokenResponses.oidcAccessTokenResponse().build();
given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(accessTokenResponse);
// The decoder factory is stubbed with a decoder that returns this fixed Jwt for any
// token string, so ID-token signature and claim validation are not exercised here.
Jwt jwt = TestJwts.user();
given(this.jwtDecoderFactory.createDecoder(any())).willReturn((token) -> jwt);
given(this.userAuthoritiesMapper.mapAuthorities(any())).willReturn((Collection) AuthorityUtils.createAuthorityList("ROLE_OIDC_USER"));
// NOTE(review): params still carries the state of the first authorization request;
// presumably both test requests share the same state value - confirm.
// @formatter:off
this.mvc.perform(get("/login/oauth2/code/google-login").params(params)).andExpect(status().is2xxSuccessful());
// @formatter:on
// times(2): the success handler has now been called once per login; getValue() gives
// the most recent capture, i.e. the OIDC authentication.
authenticationCaptor = ArgumentCaptor.forClass(Authentication.class);
verify(this.authenticationSuccessHandler, times(2)).onAuthenticationSuccess(any(), any(), authenticationCaptor.capture());
authentication = authenticationCaptor.getValue();
assertThat(authentication.getPrincipal()).isInstanceOf(OidcUser.class);
assertThat(authentication.getAuthorities()).hasSize(1);
assertThat(authentication.getAuthorities()).first().isInstanceOf(SimpleGrantedAuthority.class).hasToString("ROLE_OIDC_USER");
}
use of com.auth0.jwt.JWT in project c4sg-services by Code4SocialGood.
the class JwtUtil method match.
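/**
 * Checks whether the given email equals the {@code http://email} claim of the JWT
 * attached to the current authentication.
 *
 * <p>The check fails closed: it returns {@code false} when the email is {@code null},
 * when there is no authentication, when the authentication is not an
 * {@code AuthenticationJsonWebToken}, when its details are not a {@code DecodedJWT},
 * or when the claim is absent.
 *
 * @param email Email address to compare against the token claim
 * @return True only if the claim is present and equal to {@code email}
 */
public static boolean match(String email) {
    if (email == null) {
        // A missing email must never compare equal to a missing claim.
        return false;
    }
    // Type-check instead of casting blindly: another Authentication implementation
    // in the context would otherwise raise a ClassCastException.
    Object auth = SecurityContextHolder.getContext().getAuthentication();
    if (!(auth instanceof AuthenticationJsonWebToken)) {
        return false;
    }
    Object details = ((AuthenticationJsonWebToken) auth).getDetails();
    if (!(details instanceof DecodedJWT)) {
        return false;
    }
    // NOTE(review): this trusts the claim as-is; it assumes the token was verified
    // before it was placed in the security context - confirm against the filter chain.
    String emailFromClaim = ((DecodedJWT) details).getClaim("http://email").asString();
    return email.equals(emailFromClaim);
}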
use of com.auth0.jwt.JWT in project dhis2-core by dhis2.
the class JwtBearerTokenTest method testJwkEncodeEndDecode.
/**
 * Builds a signed JWT for the first test provider, checks its {@code typ} and {@code kid}
 * headers and that it carries an id, then passes the serialized token to the decoder.
 * The decoded result is not inspected; the test only requires that decoding does not throw.
 */
@Test
void testJwkEncodeEndDecode() throws JOSEException {
    Jwt signedToken = createJwt(TEST_PROVIDER_ONE_URI, CLIENT_ID_1, DEFAULT_MAPPING_CLAIM, DEFAULT_EMAIL);

    // Header checks: token type, and the key id matching the test RSA key.
    assertEquals("JWT", signedToken.getHeaders().get(JoseHeaderNames.TYP));
    assertEquals(RSA_KEY.getKeyID(), signedToken.getHeaders().get(JoseHeaderNames.KID));
    assertNotNull(signedToken.getId());

    // Decoding the serialized form must succeed.
    jwtDecoder.decode(signedToken.getTokenValue());
}