Example 86 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project gravitee-management-rest-api by gravitee-io.

the class OAuth2AuthenticationResourceTest method verifyJwtToken.

private void verifyJwtToken(Response response) throws NoSuchAlgorithmException, InvalidKeyException, IOException, SignatureException, JWTVerifyException {
    String cookieContent = response.getCookies().get(HttpHeaders.AUTHORIZATION).getValue();
    assertThat(cookieContent, StringStartsWith.startsWith("Bearer "));
    String jwt = cookieContent.substring(7);
    JWTVerifier jwtVerifier = new JWTVerifier("myJWT4Gr4v1t33_S3cr3t");
    Map<String, Object> mapJwt = jwtVerifier.verify(jwt);
    assertEquals("janedoe@example.com", mapJwt.get("sub"));
    assertEquals("Jane", mapJwt.get("firstname"));
    assertEquals("gravitee-management-auth", mapJwt.get("iss"));
    assertEquals("janedoe@example.com", mapJwt.get("email"));
    assertEquals("Doe", mapJwt.get("lastname"));
}
Also used : Matchers.anyString(org.mockito.Matchers.anyString) JWTVerifier(com.auth0.jwt.JWTVerifier)

Example 87 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project neubbs by nuitcoder.

the class SecretUtil method decryptUserInfoToken.

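/**
 * Decrypt the user information token
 *      - Decrypts the JWT-generated user information token and obtains the UserDO object
 *
 * @param token the encrypted token
 * @return UserDO user information object (with id, name, rank and state attributes)
 */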
public static UserDO decryptUserInfoToken(String token) {
    checkParamNotNull(token);
    DecodedJWT decodedJWT;
    try {
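        // Build a verifier for HS256 (HMAC-SHA256) using the shared secret
        JWTVerifier verifier = JWT.require(Algorithm.HMAC256(SetConst.JWT_TOKEN_SECRET_KEY)).build();
        // Verify the signature and registered claims, then decode the Base64url payload
        decodedJWT = verifier.verify(token);
    } catch (UnsupportedEncodingException | TokenExpiredException e) {
        // Only expiry is mapped here; other JWTVerificationException subclasses are unchecked and propagate to the caller
        throw new UtilClassException(ApiMessage.UNKNOWN_ERROR).log(LogWarnEnum.UC10);
    }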
    // Get User information(id, name, rank ,state)
    UserDO user = new UserDO();
    user.setId(decodedJWT.getClaim(ParamConst.ID).asInt());
    user.setName(decodedJWT.getClaim(ParamConst.NAME).asString());
    user.setRank(decodedJWT.getClaim(ParamConst.RANK).asString());
    user.setState(decodedJWT.getClaim(ParamConst.STATE).asInt());
    return user;
}
Also used : UtilClassException(org.neusoft.neubbs.exception.UtilClassException) TokenExpiredException(com.auth0.jwt.exceptions.TokenExpiredException) UserDO(org.neusoft.neubbs.entity.UserDO) UnsupportedEncodingException(java.io.UnsupportedEncodingException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) JWTVerifier(com.auth0.jwt.JWTVerifier)

Example 88 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project gravitee-management-rest-api by gravitee-io.

the class UserServiceImpl method getDecodedJWT.

private DecodedJWT getDecodedJWT(String token) {
    final String jwtSecret = environment.getProperty("jwt.secret");
    if (jwtSecret == null || jwtSecret.isEmpty()) {
        throw new IllegalStateException("JWT secret is mandatory");
    }
    Algorithm algorithm = Algorithm.HMAC256(jwtSecret);
    JWTVerifier verifier = JWT.require(algorithm).withIssuer(environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER)).build();
    return verifier.verify(token);
}
Also used : UuidString(io.gravitee.rest.api.service.common.UuidString) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier)

Example 89 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project gravitee-management-rest-api by gravitee-io.

the class OAuth2AuthenticationResourceTest method verifyJwtToken.

private void verifyJwtToken(Response response) throws NoSuchAlgorithmException, InvalidKeyException, IOException, SignatureException, JWTVerificationException {
    Token responseToken = response.readEntity(Token.class);
    assertEquals("BEARER", responseToken.getTokenType().name());
    String token = responseToken.getToken();
    Algorithm algorithm = Algorithm.HMAC256("myJWT4Gr4v1t33_S3cr3t");
    JWTVerifier jwtVerifier = JWT.require(algorithm).build();
    DecodedJWT jwt = jwtVerifier.verify(token);
    assertEquals("janedoe@example.com", jwt.getSubject());
    assertEquals("Jane", jwt.getClaim("firstname").asString());
    assertEquals("gravitee-management-auth", jwt.getClaim("iss").asString());
    assertEquals("janedoe@example.com", jwt.getClaim("sub").asString());
    assertEquals("janedoe@example.com", jwt.getClaim("email").asString());
    assertEquals("Doe", jwt.getClaim("lastname").asString());
}
Also used : Token(io.gravitee.rest.api.portal.rest.model.Token) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 90 with JWTVerifier

use of com.auth0.jwt.JWTVerifier in project nextprot-api by calipho-sib.

the class JWTCodecImpl method decodeJWT.

@Override
public Map<String, Object> decodeJWT(String token) {
    try {
        File publicKeyFile = new File(this.getClass().getClassLoader().getResource("keys/pubkey").toURI());
        RSAPublicKey publicKey = (RSAPublicKey) PemUtils.readPublicKeyFromFile(publicKeyFile.toString(), "RSA");
        Algorithm algorithm = Algorithm.RSA256(publicKey);
        JWTVerifier verifier = JWT.require(algorithm).withIssuer("https://nextprot.auth0.com/").withAudience("https://nextprot.auth0.com/api/v2/").withAudience("https://nextprot.auth0.com/userinfo").build();
        DecodedJWT jwt = verifier.verify(token);
        Map<String, Object> map = new HashMap<>();
        map.put(EMAIL, jwt.getClaim("https://www.nextprot.org/userinfo/email").asString());
        return map;
    } catch (IOException e) {
        throw new NextprotSecurityException(e);
    } catch (URISyntaxException e) {
        throw new NextprotSecurityException(e);
    }
}
Also used : RSAPublicKey(java.security.interfaces.RSAPublicKey) HashMap(java.util.HashMap) IOException(java.io.IOException) URISyntaxException(java.net.URISyntaxException) File(java.io.File) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) NextprotSecurityException(org.nextprot.api.security.service.exception.NextprotSecurityException)

Aggregations

JWTVerifier (com.auth0.jwt.JWTVerifier) 115
Algorithm (com.auth0.jwt.algorithms.Algorithm) 104
DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT) 100
Test (org.junit.Test) 42
JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException) 30
IOException (java.io.IOException) 23
JWTVerifier (com.auth0.jwt.interfaces.JWTVerifier) 18
RSAPublicKey (java.security.interfaces.RSAPublicKey) 15
JWTDecodeException (com.auth0.jwt.exceptions.JWTDecodeException) 14
Claim (com.auth0.jwt.interfaces.Claim) 10
Date (java.util.Date) 9
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 8
HashMap (java.util.HashMap) 8
ECKey (java.security.interfaces.ECKey) 7
ServletException (javax.servlet.ServletException) 7
UnsupportedEncodingException (java.io.UnsupportedEncodingException) 6
TokenExpiredException (com.auth0.jwt.exceptions.TokenExpiredException) 5
RSAKeyProvider (com.auth0.jwt.interfaces.RSAKeyProvider) 5
URL (java.net.URL) 5
KeyFactory (java.security.KeyFactory) 5