Examples with com.auth0.jwt.exceptions com.auth0.jwt.exceptions used on opensource projects

Search in sources :

Example 11 with com.auth0.jwt.exceptions

use of com.auth0.jwt.exceptions in project cryptography by norkator.

the class JWT method verifyECDSA256Jwt.

/**
 * Verify elliptic curve based JWT
 *
 * @param publicPem of key pair
 * @param issuer    party name
 * @param token     of created jwt
 * @return DecodedJWT including claims
 * @throws JWTVerificationException thrown if verification fails
 */
public static DecodedJWT verifyECDSA256Jwt(String publicPem, String issuer, final String token) throws JWTVerificationException, InvalidKeySpecException, NoSuchAlgorithmException {
    ECKey publicKey = (ECKey) PEMToKey.getPemPublicKey(publicPem, "ECDSA");
    Algorithm algorithm = Algorithm.ECDSA256(publicKey);
    JWTVerifier verifier = com.auth0.jwt.JWT.require(algorithm).withIssuer(issuer).build();
    return verifier.verify(token);
}
Also used : ECKey(java.security.interfaces.ECKey) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier)

Example 12 with com.auth0.jwt.exceptions

use of com.auth0.jwt.exceptions in project actframework by actframework.

the class JWTTest method fromAuth0.

private String fromAuth0() throws Exception {
    JWTCreator.Builder builder = com.auth0.jwt.JWT.create();
    builder.withIssuer(ISSUER);
    builder.withExpiresAt(new Date(EXPIRE_AT * 1000l));
    builder.withJWTId(TOKEN_ID);
    builder.withClaim(KEY_USERNAME, USERNAME);
    Algorithm algorithm = Algorithm.HMAC256(SECRET);
    return builder.sign(algorithm);
}
Also used : JWTCreator(com.auth0.jwt.JWTCreator) Algorithm(com.auth0.jwt.algorithms.Algorithm) Date(java.util.Date)

Example 13 with com.auth0.jwt.exceptions

use of com.auth0.jwt.exceptions in project java-docs-samples by GoogleCloudPlatform.

the class GoogleJwtClient method generateJwt.

// [START endpoints_generate_jwt_sa]
/**
 * Generates a signed JSON Web Token using a Google API Service Account
 * utilizes com.auth0.jwt.
 */
public static String generateJwt(final String saKeyfile, final String saEmail, final String audience, final int expiryLength) throws FileNotFoundException, IOException {
    Date now = new Date();
    Date expTime = new Date(System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(expiryLength));
    // Build the JWT payload
    JWTCreator.Builder token = JWT.create().withIssuedAt(now).withExpiresAt(expTime).withIssuer(saEmail).withAudience(audience).withSubject(saEmail).withClaim("email", saEmail);
    // Sign the JWT with a service account
    FileInputStream stream = new FileInputStream(saKeyfile);
    ServiceAccountCredentials cred = ServiceAccountCredentials.fromStream(stream);
    RSAPrivateKey key = (RSAPrivateKey) cred.getPrivateKey();
    Algorithm algorithm = Algorithm.RSA256(null, key);
    return token.sign(algorithm);
}
Also used : JWTCreator(com.auth0.jwt.JWTCreator) ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Algorithm(com.auth0.jwt.algorithms.Algorithm) Date(java.util.Date) FileInputStream(java.io.FileInputStream)

Example 14 with com.auth0.jwt.exceptions

use of com.auth0.jwt.exceptions in project sonar-java by SonarSource.

the class JWTWithStrongCipherCheckAuth0Test method auth0JWT.

public void auth0JWT() {
    JWTVerifier nonCompliantVerifier = // Noncompliant [[sc=52;ec=68]] {{Use only strong cipher algorithms when verifying the signature of this JWT.}}
    JWT.require(Algorithm.none()).withSubject(LOGIN).build();
    JWTVerifier nonCompliantVerifier2 = // Noncompliant
    JWT.require(none()).withSubject(LOGIN).build();
    JWTVerifier nonCompliantVerifier3 = // Noncompliant
    JWT.require(com.auth0.jwt.algorithms.Algorithm.none()).withSubject(LOGIN).build();
    JWTVerifier compliantVerifier1 = // Compliant
    JWT.require(Algorithm.HMAC256(SECRET_KEY)).withSubject(LOGIN).build();
    JWTVerifier compliantVerifier2 = // Compliant
    JWT.require(new JWTWithStrongCipherCheckAuth0Test.MyAlgorithm("name", "description")).withSubject(LOGIN).build();
    String tokenNotSigned = JWT.create().withSubject(LOGIN).withExpiresAt(addMinutes(new Date(), 20)).withIssuedAt(new Date()).sign(// Noncompliant [[sc=13;ec=29]] {{Use only strong cipher algorithms when signing this JWT.}}
    Algorithm.none());
    String tokenSigned = JWT.create().withSubject(LOGIN).withExpiresAt(addMinutes(new Date(), 20)).withIssuedAt(new Date()).sign(// Compliant
    Algorithm.HMAC256(SECRET_KEY));
    JWTCreator.Builder builder = JWT.create().withSubject(LOGIN).withExpiresAt(addMinutes(new Date(), 20)).withIssuedAt(new Date());
    // Noncompliant
    String tokenSignedLater = builder.sign(Algorithm.none());
}
Also used : JWTCreator(com.auth0.jwt.JWTCreator) JWTVerifier(com.auth0.jwt.JWTVerifier) Date(java.util.Date)

Example 15 with com.auth0.jwt.exceptions

use of com.auth0.jwt.exceptions in project bookmark by FleyX.

the class JwtUtil method decode.

/**
 * Description: 解密jwt
 *
 * @param token  token
 * @param secret secret
 * @return java.util.Map<java.lang.String, com.auth0.jwt.interfaces.Claim>
 * @author fanxb
 * @date 2019/3/4 18:14
 */
public static Map<String, Claim> decode(String token, String secret) {
    if (token == null || token.length() == 0) {
        throw new CustomException("token为空:" + token);
    }
    Algorithm algorithm = Algorithm.HMAC256(secret);
    JWTVerifier jwtVerifier = JWT.require(algorithm).build();
    DecodedJWT decodedJWT = jwtVerifier.verify(token);
    return decodedJWT.getClaims();
}
Also used : CustomException(com.fanxb.bookmark.common.exception.CustomException) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Aggregations

Algorithm (com.auth0.jwt.algorithms.Algorithm)8 TokenRequest (com.auth0.net.TokenRequest)8 Test (org.junit.jupiter.api.Test)8 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)8 TokenHolder (com.auth0.json.auth.TokenHolder)7 Date (java.util.Date)7 HashMap (java.util.HashMap)7 JWTCreator (com.auth0.jwt.JWTCreator)6 JWTVerifier (com.auth0.jwt.JWTVerifier)6 Cookie (javax.servlet.http.Cookie)6 ECKey (java.security.interfaces.ECKey)3 AuthorizeUrlBuilder (com.auth0.client.auth.AuthorizeUrlBuilder)2 DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)2 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)2 ViewModelProvider (androidx.lifecycle.ViewModelProvider)1 NavController (androidx.navigation.NavController)1 TipoUsuario (br.com.propague.api.model.TipoUsuario)1 Usuario (br.com.propague.api.model.Usuario)1 JWT (com.auth0.android.jwt.JWT)1 JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial