Examples with JWTVerifier - com.auth0.jwt.JWTVerifier

Example 66 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project singleton by vmware.

the class JwtTokenService method verifyToken.

public Map<String, Claim> verifyToken(String token) throws Exception {
    JWTVerifier verifier = null;
    verifier = JWT.require(Algorithm.HMAC256(authConfig.getJwtSecret())).build();
    DecodedJWT decoded = null;
    try {
        decoded = verifier.verify(token);
    } catch (Exception e) {
        // TODO Auto-generated catch block
        logger.error(e.getMessage(), e);
        throw new RuntimeException(e);
    }
    return decoded.getClaims();
}

Also used : JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 67 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project wandaxin-vehicle-manage by Jarrettluo.

the class AuthenticationInterceptor method preHandle.

@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object object) throws Exception {
    // crossDomain(httpServletRequest, httpServletResponse);
    // 从 http 请求头中取出 token
    String token = httpServletRequest.getHeader("token");
    // 如果不是映射到方法直接通过
    if (!(object instanceof HandlerMethod)) {
        return true;
    }
    HandlerMethod handlerMethod = (HandlerMethod) object;
    Method method = handlerMethod.getMethod();
    // 检查是否有passtoken注释，有则跳过认证
    if (method.isAnnotationPresent(PassToken.class)) {
        PassToken passToken = method.getAnnotation(PassToken.class);
        if (passToken.required()) {
            return true;
        }
    }
    // 检查有没有需要用户权限的注解
    if (method.isAnnotationPresent(UserLoginToken.class)) {
        UserLoginToken userLoginToken = method.getAnnotation(UserLoginToken.class);
        if (userLoginToken.required()) {
            // 执行认证
            if (token == null) {
                throw new RuntimeException("无token，请重新登录");
            }
            // 获取 token 中的 user id
            String userId;
            try {
                userId = JWT.decode(token).getAudience().get(0);
            } catch (JWTDecodeException j) {
                throw new RuntimeException("401");
            }
            UserDTO user = userService.findUserById(userId);
            if (user == null) {
                throw new RuntimeException("用户不存在，请重新登录");
            }
            // 验证 token
            JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(user.getPassword())).build();
            try {
                jwtVerifier.verify(token);
            } catch (JWTVerificationException e) {
                throw new RuntimeException("401");
            }
            return true;
        }
    }
    return true;
}

Also used : JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) JWTDecodeException(com.auth0.jwt.exceptions.JWTDecodeException) UserDTO(com.example.demo.domain.dto.UserDTO) PassToken(com.example.demo.annotation.PassToken) HandlerMethod(org.springframework.web.method.HandlerMethod) Method(java.lang.reflect.Method) UserLoginToken(com.example.demo.annotation.UserLoginToken) JWTVerifier(com.auth0.jwt.JWTVerifier) HandlerMethod(org.springframework.web.method.HandlerMethod)

Example 68 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project jahia by Jahia.

the class JWTConfig method verifyToken.

@Override
public DecodedJWT verifyToken(String token) throws JWTVerificationException, RepositoryException {
    Verification verification = signedVerification();
    addConfigToVerification(verification);
    // Reusable verifier instance
    JWTVerifier verifier = verification.build();
    return verifier.verify(token);
}

Also used : Verification(com.auth0.jwt.interfaces.Verification) JWTVerifier(com.auth0.jwt.JWTVerifier)

Example 69 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project SpringBootSample by heowc.

the class SpringBootSecurityJwtApplicationTests method test_verifyJwtToken.

@Test
void test_verifyJwtToken() throws Exception {
    try {
        JWTVerifier verifier = JWT.require(Algorithm.HMAC256(TOKEN_KEY)).withIssuer("wonchul").acceptExpiresAt(// 만료일 -4일
        DAY * 4).build();
        DecodedJWT jwt = verifier.verify(JWT_TOKEN);
        logger.info("=================== test_verifyJwtToken ===================");
        logger.info("jwt token         : " + jwt.getToken());
        logger.info("jwt algorithm     : " + jwt.getAlgorithm());
        logger.info("jwt claims        : " + jwt.getClaims());
        logger.info("jwt issuer        : " + jwt.getIssuer());
        logger.info("jwt issuer date   : " + jwt.getIssuedAt());
        logger.info("jwt expires date  : " + jwt.getExpiresAt());
        logger.info("jwt signature     : " + jwt.getSignature());
        logger.info("jwt type          : " + jwt.getType());
        logger.info("jwt key id        : " + jwt.getKeyId());
        logger.info("jwt id            : " + jwt.getId());
        logger.info("jwt subject       : " + jwt.getSubject());
        logger.info("jwt content type  : " + jwt.getContentType());
        logger.info("jwt audience list : " + jwt.getAudience());
    } catch (JWTVerificationException verificationEx) {
        logger.info("Verify Error");
        verificationEx.printStackTrace();
    }
}

Also used : JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 70 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project LanternPowerMonitor by MarkBryanMilligan.

the class AppleSSO method getEmailFromIdToken.

public String getEmailFromIdToken(String _idToken) {
    if (validatePublicKey()) {
        try {
            DecodedJWT jwt = JWT.decode(NullUtils.base64ToString(_idToken));
            String kid = jwt.getHeaderClaim("kid").asString();
            RSAPublicKey key = publicKeys.get(kid);
            if (key != null) {
                Algorithm algorithm = Algorithm.RSA256(key, null);
                JWTVerifier verifier = JWT.require(algorithm).withIssuer("https://appleid.apple.com").withAudience(audience).build();
                return verifier.verify(jwt).getClaim("email").asString().toLowerCase(Locale.ROOT);
            }
        } catch (Exception _e) {
            LOG.error("Failed to verify Apple JWT token", _e);
        }
    }
    return null;
}

Also used : RSAPublicKey(java.security.interfaces.RSAPublicKey) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier)

Aggregations

JWTVerifier (com.auth0.jwt.JWTVerifier)115 Algorithm (com.auth0.jwt.algorithms.Algorithm)104 DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)100 Test (org.junit.Test)42 JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)30 IOException (java.io.IOException)23 JWTVerifier (com.auth0.jwt.interfaces.JWTVerifier)18 RSAPublicKey (java.security.interfaces.RSAPublicKey)15 JWTDecodeException (com.auth0.jwt.exceptions.JWTDecodeException)14 Claim (com.auth0.jwt.interfaces.Claim)10 Date (java.util.Date)9 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)8 HashMap (java.util.HashMap)8 ECKey (java.security.interfaces.ECKey)7 ServletException (javax.servlet.ServletException)7 UnsupportedEncodingException (java.io.UnsupportedEncodingException)6 TokenExpiredException (com.auth0.jwt.exceptions.TokenExpiredException)5 RSAKeyProvider (com.auth0.jwt.interfaces.RSAKeyProvider)5 URL (java.net.URL)5 KeyFactory (java.security.KeyFactory)5