Search in sources :

Example 11 with Verification

use of com.auth0.jwt.interfaces.Verification in project cryptography by norkator.

the class JWT method verifyECDSA256Jwt.

/**
 * Verify elliptic curve based JWT
 *
 * @param publicPem of key pair
 * @param issuer    party name
 * @param token     of created jwt
 * @return DecodedJWT including claims
 * @throws JWTVerificationException thrown if verification fails
 */
public static DecodedJWT verifyECDSA256Jwt(String publicPem, String issuer, final String token) throws JWTVerificationException, InvalidKeySpecException, NoSuchAlgorithmException {
    ECKey publicKey = (ECKey) PEMToKey.getPemPublicKey(publicPem, "ECDSA");
    Algorithm algorithm = Algorithm.ECDSA256(publicKey);
    JWTVerifier verifier = com.auth0.jwt.JWT.require(algorithm).withIssuer(issuer).build();
    return verifier.verify(token);
}
Also used : ECKey(java.security.interfaces.ECKey) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier)

Example 12 with Verification

use of com.auth0.jwt.interfaces.Verification in project open-kilda by telstra.

the class PathVerificationService method handlePacketIn.

private IListener.Command handlePacketIn(IOFSwitch sw, OFPacketIn pkt, FloodlightContext context) {
    long time = System.currentTimeMillis();
    logger.debug("packet_in {} received from {}", pkt.getXid(), sw.getId());
    VerificationPacket verificationPacket = null;
    Ethernet eth = IFloodlightProviderService.bcStore.get(context, IFloodlightProviderService.CONTEXT_PI_PAYLOAD);
    try {
        verificationPacket = deserialize(eth);
    } catch (Exception exception) {
        logger.error("Deserialization failure: {}, exception: {}", exception.getMessage(), exception);
        return Command.CONTINUE;
    }
    try {
        OFPort inPort = pkt.getVersion().compareTo(OFVersion.OF_12) < 0 ? pkt.getInPort() : pkt.getMatch().get(MatchField.IN_PORT);
        ByteBuffer portBB = ByteBuffer.wrap(verificationPacket.getPortId().getValue());
        portBB.position(1);
        OFPort remotePort = OFPort.of(portBB.getShort());
        long timestamp = 0;
        int pathOrdinal = 10;
        IOFSwitch remoteSwitch = null;
        boolean signed = false;
        for (LLDPTLV lldptlv : verificationPacket.getOptionalTLVList()) {
            if (lldptlv.getType() == 127 && lldptlv.getLength() == 12 && lldptlv.getValue()[0] == 0x0 && lldptlv.getValue()[1] == 0x26 && lldptlv.getValue()[2] == (byte) 0xe1 && lldptlv.getValue()[3] == 0x0) {
                ByteBuffer dpidBB = ByteBuffer.wrap(lldptlv.getValue());
                remoteSwitch = switchService.getSwitch(DatapathId.of(dpidBB.getLong(4)));
            } else if (lldptlv.getType() == 127 && lldptlv.getLength() == 12 && lldptlv.getValue()[0] == 0x0 && lldptlv.getValue()[1] == 0x26 && lldptlv.getValue()[2] == (byte) 0xe1 && lldptlv.getValue()[3] == 0x01) {
                ByteBuffer tsBB = ByteBuffer.wrap(lldptlv.getValue());
                /* skip OpenFlow OUI (4 bytes above) */
                long swLatency = sw.getLatency().getValue();
                timestamp = tsBB.getLong(4);
                /* include the RX switch latency to "subtract" it */
                timestamp = timestamp + swLatency;
            } else if (lldptlv.getType() == 127 && lldptlv.getLength() == 8 && lldptlv.getValue()[0] == 0x0 && lldptlv.getValue()[1] == 0x26 && lldptlv.getValue()[2] == (byte) 0xe1 && lldptlv.getValue()[3] == 0x02) {
                ByteBuffer typeBB = ByteBuffer.wrap(lldptlv.getValue());
                pathOrdinal = typeBB.getInt(4);
            } else if (lldptlv.getType() == 127 && lldptlv.getValue()[0] == 0x0 && lldptlv.getValue()[1] == 0x26 && lldptlv.getValue()[2] == (byte) 0xe1 && lldptlv.getValue()[3] == 0x03) {
                ByteBuffer bb = ByteBuffer.wrap(lldptlv.getValue());
                bb.position(4);
                byte[] tokenArray = new byte[lldptlv.getLength() - 4];
                bb.get(tokenArray, 0, tokenArray.length);
                String token = new String(tokenArray);
                try {
                    DecodedJWT jwt = verifier.verify(token);
                    signed = true;
                } catch (JWTVerificationException e) {
                    logger.error("Packet verification failed", e);
                    return Command.STOP;
                }
            }
        }
        if (remoteSwitch == null) {
            return Command.STOP;
        }
        if (!signed) {
            logger.warn("verification packet without sign");
            return Command.STOP;
        }
        U64 latency = (timestamp != 0 && (time - timestamp) > 0) ? U64.of(time - timestamp) : U64.ZERO;
        logger.debug("link discovered: {}-{} ===( {} ms )===> {}-{}", remoteSwitch.getId(), remotePort, latency.getValue(), sw.getId(), inPort);
        // this verification packet was sent from remote switch/port to received switch/port
        // so the link direction is from remote switch/port to received switch/port
        List<PathNode> nodes = Arrays.asList(new PathNode(remoteSwitch.getId().toString(), remotePort.getPortNumber(), 0, latency.getValue()), new PathNode(sw.getId().toString(), inPort.getPortNumber(), 1));
        OFPortDesc port = sw.getPort(inPort);
        long speed = Integer.MAX_VALUE;
        if (port.getVersion().compareTo(OFVersion.OF_13) > 0) {
            for (OFPortDescProp prop : port.getProperties()) {
                if (prop.getType() == 0x0) {
                    speed = ((OFPortDescPropEthernet) prop).getCurrSpeed();
                }
            }
        } else {
            speed = port.getCurrSpeed();
        }
        IslInfoData path = new IslInfoData(latency.getValue(), nodes, speed, IslChangeType.DISCOVERED, getAvailableBandwidth(speed));
        Message message = new InfoMessage(path, System.currentTimeMillis(), "system", null);
        final String json = MAPPER.writeValueAsString(message);
        logger.debug("about to send {}", json);
        producer.send(new ProducerRecord<>(TOPIC, json));
        logger.debug("packet_in processed for {}-{}", sw.getId(), inPort);
    } catch (JsonProcessingException exception) {
        logger.error("could not create json for path packet_in: {}", exception.getMessage(), exception);
    } catch (UnsupportedOperationException exception) {
        logger.error("could not parse packet_in message: {}", exception.getMessage(), exception);
    } catch (Exception exception) {
        logger.error("unknown error during packet_in message processing: {}", exception.getMessage(), exception);
        throw exception;
    }
    return Command.STOP;
}
Also used : IOFSwitch(net.floodlightcontroller.core.IOFSwitch) InfoMessage(org.openkilda.messaging.info.InfoMessage) OFMessage(org.projectfloodlight.openflow.protocol.OFMessage) Message(org.openkilda.messaging.Message) OFPortDescProp(org.projectfloodlight.openflow.protocol.OFPortDescProp) PathNode(org.openkilda.messaging.info.event.PathNode) ByteBuffer(java.nio.ByteBuffer) UnsupportedEncodingException(java.io.UnsupportedEncodingException) JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) FloodlightModuleException(net.floodlightcontroller.core.module.FloodlightModuleException) JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) U64(org.projectfloodlight.openflow.types.U64) OFPortDesc(org.projectfloodlight.openflow.protocol.OFPortDesc) InfoMessage(org.openkilda.messaging.info.InfoMessage) OFPortDescPropEthernet(org.projectfloodlight.openflow.protocol.OFPortDescPropEthernet) Ethernet(net.floodlightcontroller.packet.Ethernet) OFPort(org.projectfloodlight.openflow.types.OFPort) IslInfoData(org.openkilda.messaging.info.event.IslInfoData) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) LLDPTLV(net.floodlightcontroller.packet.LLDPTLV)

Example 13 with Verification

use of com.auth0.jwt.interfaces.Verification in project open-kilda by telstra.

the class PathVerificationService method generateVerificationPacket.

public OFPacketOut generateVerificationPacket(IOFSwitch srcSw, OFPort port, IOFSwitch dstSw, boolean sign) {
    try {
        OFPortDesc ofPortDesc = srcSw.getPort(port);
        byte[] chassisId = new byte[] { 4, 0, 0, 0, 0, 0, 0 };
        byte[] portId = new byte[] { 2, 0, 0 };
        byte[] ttlValue = new byte[] { 0, 0x78 };
        byte[] dpidTLVValue = new byte[] { 0x0, 0x26, (byte) 0xe1, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
        LLDPTLV dpidTLV = new LLDPTLV().setType((byte) 127).setLength((short) dpidTLVValue.length).setValue(dpidTLVValue);
        byte[] dpidArray = new byte[8];
        ByteBuffer dpidBB = ByteBuffer.wrap(dpidArray);
        ByteBuffer portBB = ByteBuffer.wrap(portId, 1, 2);
        DatapathId dpid = srcSw.getId();
        dpidBB.putLong(dpid.getLong());
        System.arraycopy(dpidArray, 2, chassisId, 1, 6);
        // Set the optionalTLV to the full SwitchID
        System.arraycopy(dpidArray, 0, dpidTLVValue, 4, 8);
        byte[] zeroMac = { 0, 0, 0, 0, 0, 0 };
        byte[] srcMac = ofPortDesc.getHwAddr().getBytes();
        if (Arrays.equals(srcMac, zeroMac)) {
            int portVal = ofPortDesc.getPortNo().getPortNumber();
            // this is a common scenario
            logger.debug("Port {}/{} has zero hardware address: overwrite with lower 6 bytes of dpid", dpid.toString(), portVal);
            System.arraycopy(dpidArray, 2, srcMac, 0, 6);
        }
        portBB.putShort(port.getShortPortNumber());
        VerificationPacket vp = new VerificationPacket();
        vp.setChassisId(new LLDPTLV().setType((byte) 1).setLength((short) chassisId.length).setValue(chassisId));
        vp.setPortId(new LLDPTLV().setType((byte) 2).setLength((short) portId.length).setValue(portId));
        vp.setTtl(new LLDPTLV().setType((byte) 3).setLength((short) ttlValue.length).setValue(ttlValue));
        vp.getOptionalTLVList().add(dpidTLV);
        // Add the controller identifier to the TLV value.
        // vp.getOptionalTLVList().add(controllerTLV);
        // Add T0 based on format from Floodlight LLDP
        long time = System.currentTimeMillis();
        long swLatency = srcSw.getLatency().getValue();
        byte[] timestampTLVValue = ByteBuffer.allocate(Long.SIZE / 8 + 4).put((byte) 0x00).put((byte) 0x26).put((byte) 0xe1).put(// 0x01 is what we'll use to differentiate DPID (0x00) from time (0x01)
        (byte) 0x01).putLong(time + swLatency).array();
        LLDPTLV timestampTLV = new LLDPTLV().setType((byte) 127).setLength((short) timestampTLVValue.length).setValue(timestampTLVValue);
        vp.getOptionalTLVList().add(timestampTLV);
        // Type
        byte[] typeTLVValue = ByteBuffer.allocate(Integer.SIZE / 8 + 4).put((byte) 0x00).put((byte) 0x26).put((byte) 0xe1).put((byte) 0x02).putInt(PathType.ISL.ordinal()).array();
        LLDPTLV typeTLV = new LLDPTLV().setType((byte) 127).setLength((short) typeTLVValue.length).setValue(typeTLVValue);
        vp.getOptionalTLVList().add(typeTLV);
        if (sign) {
            String token = JWT.create().withClaim("dpid", dpid.getLong()).withClaim("ts", time + swLatency).sign(algorithm);
            byte[] tokenBytes = token.getBytes(Charset.forName("UTF-8"));
            byte[] tokenTLVValue = ByteBuffer.allocate(4 + tokenBytes.length).put((byte) 0x00).put((byte) 0x26).put((byte) 0xe1).put((byte) 0x03).put(tokenBytes).array();
            LLDPTLV tokenTLV = new LLDPTLV().setType((byte) 127).setLength((short) tokenTLVValue.length).setValue(tokenTLVValue);
            vp.getOptionalTLVList().add(tokenTLV);
        }
        MacAddress dstMac = MacAddress.of(VERIFICATION_BCAST_PACKET_DST);
        if (dstSw != null) {
            OFPortDesc sw2OfPortDesc = dstSw.getPort(port);
            dstMac = sw2OfPortDesc.getHwAddr();
        }
        Ethernet l2 = new Ethernet().setSourceMACAddress(MacAddress.of(srcMac)).setDestinationMACAddress(dstMac).setEtherType(EthType.IPv4);
        IPv4Address dstIp = IPv4Address.of(VERIFICATION_PACKET_IP_DST);
        if (dstSw != null) {
            dstIp = IPv4Address.of(((InetSocketAddress) dstSw.getInetAddress()).getAddress().getAddress());
        }
        IPv4 l3 = new IPv4().setSourceAddress(IPv4Address.of(((InetSocketAddress) srcSw.getInetAddress()).getAddress().getAddress())).setDestinationAddress(dstIp).setTtl((byte) 64).setProtocol(IpProtocol.UDP);
        UDP l4 = new UDP();
        l4.setSourcePort(TransportPort.of(VERIFICATION_PACKET_UDP_PORT));
        l4.setDestinationPort(TransportPort.of(VERIFICATION_PACKET_UDP_PORT));
        l2.setPayload(l3);
        l3.setPayload(l4);
        l4.setPayload(vp);
        byte[] data = l2.serialize();
        OFPacketOut.Builder pob = srcSw.getOFFactory().buildPacketOut().setBufferId(OFBufferId.NO_BUFFER).setActions(getDiscoveryActions(srcSw, port)).setData(data);
        OFMessageUtils.setInPort(pob, OFPort.CONTROLLER);
        return pob.build();
    } catch (Exception exception) {
        logger.error("error generating verification packet: {}", exception);
    }
    return null;
}
Also used : UDP(net.floodlightcontroller.packet.UDP) InetSocketAddress(java.net.InetSocketAddress) IPv4(net.floodlightcontroller.packet.IPv4) DatapathId(org.projectfloodlight.openflow.types.DatapathId) MacAddress(org.projectfloodlight.openflow.types.MacAddress) ByteBuffer(java.nio.ByteBuffer) IPv4Address(org.projectfloodlight.openflow.types.IPv4Address) OFPacketOut(org.projectfloodlight.openflow.protocol.OFPacketOut) UnsupportedEncodingException(java.io.UnsupportedEncodingException) JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) FloodlightModuleException(net.floodlightcontroller.core.module.FloodlightModuleException) OFPortDesc(org.projectfloodlight.openflow.protocol.OFPortDesc) OFPortDescPropEthernet(org.projectfloodlight.openflow.protocol.OFPortDescPropEthernet) Ethernet(net.floodlightcontroller.packet.Ethernet) LLDPTLV(net.floodlightcontroller.packet.LLDPTLV)

Example 14 with Verification

use of com.auth0.jwt.interfaces.Verification in project DragonProxy by DragonetMC.

the class LoginChainDecoder method decode.

/**
 * decode the chain data in Login packet for MCPE Note: the credit of this
 * function goes to Nukkit development team
 */
public void decode() {
    Map<String, List<String>> map = gson.fromJson(new String(this.chainJWT, StandardCharsets.UTF_8), new TypeToken<Map<String, List<String>>>() {
    }.getType());
    if (map.isEmpty() || !map.containsKey("chain") || map.get("chain").isEmpty())
        return;
    List<DecodedJWT> chainJWTs = new ArrayList<>();
    // Add the JWT tokens to a chain
    for (String token : map.get("chain")) chainJWTs.add(JWT.decode(token));
    DecodedJWT clientJWT = null;
    if (this.clientDataJWT != null) {
        clientJWT = JWT.decode(new String(this.clientDataJWT, StandardCharsets.UTF_8));
        chainJWTs.add(clientJWT);
    }
    // first step, check if the public provided key can decode the received chain
    try {
        ECPublicKey prevPublicKey = null;
        for (DecodedJWT jwt : chainJWTs) {
            JsonObject payload = gson.fromJson(new String(Base64.getDecoder().decode(jwt.getPayload())), JsonObject.class);
            String encodedPublicKey = null;
            ECPublicKey publicKey = null;
            if (payload.has("identityPublicKey")) {
                encodedPublicKey = payload.get("identityPublicKey").getAsString();
                publicKey = (ECPublicKey) EC_KEY_FACTORY.generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(encodedPublicKey)));
            }
            // Trust the root ca public key and use it to verify the chain
            if (ENCODED_ROOT_CA_KEY.equals(encodedPublicKey) && payload.has("certificateAuthority") && payload.get("certificateAuthority").getAsBoolean()) {
                prevPublicKey = publicKey;
                continue;
            }
            // This will happen if the root ca key we have does not match the one presented by the client chain
            if (prevPublicKey == null)
                throw new NullPointerException("No trusted public key found in chain, is the client logged in or cracked");
            // Throws a SignatureVerificationException if the verification failed
            Algorithm.ECDSA384(prevPublicKey, null).verify(jwt);
            // Verification was successful since no exception was thrown
            // Set the previous public key to this one so that it can be used
            // to verify the next JWT token in the chain
            prevPublicKey = publicKey;
        }
        // The for loop successfully verified all JWT tokens with no exceptions thrown
        this.loginVerified = true;
        Logger.getLogger(this.getClass().getSimpleName()).info("The LoginPacket has been successfully verified for integrity");
    } catch (Exception e) {
        this.loginVerified = false;
        Logger.getLogger(this.getClass().getSimpleName()).info("Failed to verify the integrity of the LoginPacket");
        e.printStackTrace();
    }
    // This is in its own for loop due to the possibility that the chain verification failed
    for (DecodedJWT jwt : chainJWTs) {
        JsonObject payload = gson.fromJson(new String(Base64.getDecoder().decode(jwt.getPayload())), JsonObject.class);
        // Get the information we care about - The UUID and display name
        if (payload.has("extraData") && !payload.has("certificateAuthority")) {
            extraData = payload.get("extraData").getAsJsonObject();
            if (extraData.has("displayName"))
                this.username = extraData.get("displayName").getAsString();
            if (extraData.has("identity"))
                this.clientUniqueId = UUID.fromString(extraData.get("identity").getAsString());
            break;
        }
    }
    // debug purpose
    if (log_profiles_files) {
        try {
            BufferedWriter writer1 = new BufferedWriter(new FileWriter("logs/" + username + ".rawChainJTW"));
            writer1.write(getChainJWT());
            writer1.close();
            BufferedWriter writer = new BufferedWriter(new FileWriter("logs/" + username + ".rawClientDataJTW"));
            writer.write(getClientDataJWT());
            writer.close();
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        // debug purpose
        int index = 0;
        for (DecodedJWT jwt : chainJWTs) {
            JsonObject payload = gson.fromJson(new String(Base64.getDecoder().decode(jwt.getPayload())), JsonObject.class);
            try {
                BufferedWriter writer = new BufferedWriter(new FileWriter("logs/" + username + "_" + index + ".decodedChain"));
                writer.write(payload.toString());
                writer.close();
                index++;
            } catch (Exception ex) {
                ex.printStackTrace();
            }
        }
    }
    // client data & skin
    if (clientJWT != null) {
        this.clientData = gson.fromJson(new String(Base64.getDecoder().decode(clientJWT.getPayload()), StandardCharsets.UTF_8), JsonObject.class);
        // debug purpose
        if (log_profiles_files) {
            try {
                BufferedWriter writer1 = new BufferedWriter(new FileWriter("logs/" + username + ".decodedData"));
                writer1.write(this.clientData.toString());
                writer1.close();
            } catch (Exception ex) {
                ex.printStackTrace();
            }
        }
        if (this.clientData.has("ClientRandomId"))
            this.clientId = this.clientData.get("ClientRandomId").getAsLong();
        if (this.clientData.has("SkinData") && this.clientData.has("SkinId")) {
            this.skin = new Skin(this.clientData.get("SkinData").getAsString(), this.clientData.get("SkinId").getAsString());
            if (this.clientData.has("CapeData"))
                this.skin.setCape(this.skin.new Cape(Base64.getDecoder().decode(this.clientData.get("CapeData").getAsString())));
        } else
            this.skin = Skin.DEFAULT_SKIN_STEVE;
        if (this.clientData.has("SkinGeometryName"))
            this.skinGeometryName = this.clientData.get("SkinGeometryName").getAsString();
        if (this.clientData.has("SkinGeometry"))
            this.skinGeometry = Base64.getDecoder().decode(this.clientData.get("SkinGeometry").getAsString());
    }
}
Also used : FileWriter(java.io.FileWriter) ArrayList(java.util.ArrayList) JsonObject(com.google.gson.JsonObject) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) BufferedWriter(java.io.BufferedWriter) ECPublicKey(java.security.interfaces.ECPublicKey) TypeToken(com.google.gson.reflect.TypeToken) ArrayList(java.util.ArrayList) List(java.util.List) Skin(org.dragonet.common.data.entity.Skin) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 15 with Verification

use of com.auth0.jwt.interfaces.Verification in project ddf by codice.

the class TestOidc method processCredentialFlow.

/**
 * Processes a credential flow request/response
 *
 * <ul>
 *   <li>Sets up a userinfo endpoint that responds with the given {@param userInfoResponse} when
 *       given {@param accessToken}
 *   <li>Sends a request to Intrigue with the {@param accessToken} as a parameter
 *   <li>Asserts that the response is teh expected response
 *   <li>Verifies if the userinfo endpoint is hit or not
 * </ul>
 *
 * @return the response for additional verification
 */
private Response processCredentialFlow(String accessToken, String userInfoResponse, boolean isSigned, int expectedStatusCode, boolean userInfoShouldBeHit) {
    // Host the user info endpoint with the access token in the auth header
    String basicAuthHeader = "Bearer " + accessToken;
    String contentType = isSigned ? "application/jwt" : APPLICATION_JSON;
    whenHttp(server).match(get(USER_INFO_ENDPOINT_PATH), withHeader(AUTHORIZATION, basicAuthHeader)).then(ok(), contentType(contentType), bytesContent(userInfoResponse.getBytes()));
    // Send a request to DDF with the access token
    Response response = given().redirects().follow(false).expect().statusCode(expectedStatusCode).when().get(ROOT_URL.getUrl() + "?access_token=" + accessToken);
    List<Call> endpointCalls = server.getCalls().stream().filter(call -> call.getMethod().getMethodString().equals(GET)).filter(call -> call.getUrl().equals(URL_START + USER_INFO_ENDPOINT_PATH)).collect(Collectors.toList());
    if (userInfoShouldBeHit) {
        assertThat(endpointCalls.size(), is(greaterThanOrEqualTo(1)));
    } else {
        assertThat(endpointCalls.size(), is(0));
    }
    return response;
}
Also used : Response(io.restassured.response.Response) KeyPair(java.security.KeyPair) Arrays(java.util.Arrays) StubServer(com.xebialabs.restito.server.StubServer) GET(javax.ws.rs.HttpMethod.GET) Enumeration(java.util.Enumeration) Date(java.util.Date) PREFERRED_USERNAME(org.pac4j.oidc.profile.OidcProfileDefinition.PREFERRED_USERNAME) HttpStatus(org.apache.http.HttpStatus) GsonBuilder(com.google.gson.GsonBuilder) Algorithm(com.auth0.jwt.algorithms.Algorithm) NONCE(org.pac4j.oidc.profile.OidcProfileDefinition.NONCE) RSAPublicKey(java.security.interfaces.RSAPublicKey) Gson(com.google.gson.Gson) Duration(java.time.Duration) Map(java.util.Map) Base64URL(com.nimbusds.jose.util.Base64URL) AbstractIntegrationTest(org.codice.ddf.itests.common.AbstractIntegrationTest) URI(java.net.URI) APPLICATION_JSON(javax.ws.rs.core.MediaType.APPLICATION_JSON) KeyPairGenerator(java.security.KeyPairGenerator) Awaitility.await(org.awaitility.Awaitility.await) ImmutableMap(com.google.common.collect.ImmutableMap) JWTCreator(com.auth0.jwt.JWTCreator) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Condition.parameter(com.xebialabs.restito.semantics.Condition.parameter) UUID(java.util.UUID) Instant(java.time.Instant) Collectors(java.util.stream.Collectors) JWK(com.nimbusds.jose.jwk.JWK) StandardCharsets(java.nio.charset.StandardCharsets) HOST(javax.ws.rs.core.HttpHeaders.HOST) PerSuite(org.ops4j.pax.exam.spi.reactors.PerSuite) List(java.util.List) JSONObject(org.json.simple.JSONObject) Action.bytesContent(com.xebialabs.restito.semantics.Action.bytesContent) KeyUse(com.nimbusds.jose.jwk.KeyUse) URLEncodedUtils(org.apache.http.client.utils.URLEncodedUtils) SECURE_ROOT(org.codice.ddf.itests.common.AbstractIntegrationTest.DynamicUrl.SECURE_ROOT) Action.ok(com.xebialabs.restito.semantics.Action.ok) RestAssured.given(io.restassured.RestAssured.given) Matchers.is(org.hamcrest.Matchers.is) Condition.withHeader(com.xebialabs.restito.semantics.Condition.withHeader) AfterExam(org.codice.ddf.test.common.annotations.AfterExam) NameValuePair(org.apache.http.NameValuePair) Dictionary(java.util.Dictionary) StubHttp.whenHttp(com.xebialabs.restito.builder.stub.StubHttp.whenHttp) PaxExam(org.ops4j.pax.exam.junit.PaxExam) JWT(com.auth0.jwt.JWT) Call(com.xebialabs.restito.semantics.Call) MessageDigest(java.security.MessageDigest) RunWith(org.junit.runner.RunWith) BeforeExam(org.codice.ddf.test.common.annotations.BeforeExam) AZP(org.pac4j.oidc.profile.OidcProfileDefinition.AZP) REFRESH_TOKEN(org.pac4j.oidc.profile.OidcProfileDefinition.REFRESH_TOKEN) LOCATION(javax.ws.rs.core.HttpHeaders.LOCATION) Condition.post(com.xebialabs.restito.semantics.Condition.post) ImmutableList(com.google.common.collect.ImmutableList) Configuration(org.osgi.service.cm.Configuration) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) Condition.get(com.xebialabs.restito.semantics.Condition.get) AUTHORIZATION(javax.ws.rs.core.HttpHeaders.AUTHORIZATION) GsonTypeAdapters(org.codice.gsonsupport.GsonTypeAdapters) Hashtable(java.util.Hashtable) Before(org.junit.Before) Matchers.greaterThanOrEqualTo(org.hamcrest.Matchers.greaterThanOrEqualTo) PublicClaims(com.auth0.jwt.impl.PublicClaims) Assert.assertTrue(org.junit.Assert.assertTrue) AUTH_TIME(org.pac4j.oidc.profile.OidcProfileDefinition.AUTH_TIME) Test(org.junit.Test) USER_AGENT(javax.ws.rs.core.HttpHeaders.USER_AGENT) EMAIL_VERIFIED(org.pac4j.oidc.profile.OidcProfileDefinition.EMAIL_VERIFIED) TimeUnit(java.util.concurrent.TimeUnit) ExamReactorStrategy(org.ops4j.pax.exam.spi.reactors.ExamReactorStrategy) RSAKey(com.nimbusds.jose.jwk.RSAKey) Response(io.restassured.response.Response) Action.contentType(com.xebialabs.restito.semantics.Action.contentType) ACCESS_TOKEN(org.pac4j.oidc.profile.OidcProfileDefinition.ACCESS_TOKEN) LoggingUtils(org.codice.ddf.test.common.LoggingUtils) Call(com.xebialabs.restito.semantics.Call)

Aggregations

Test (org.junit.Test)29 DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)28 Algorithm (com.auth0.jwt.algorithms.Algorithm)14 JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)11 Date (java.util.Date)11 Verification (com.auth0.jwt.interfaces.Verification)9 UnsupportedEncodingException (java.io.UnsupportedEncodingException)6 JWTVerifier (com.auth0.jwt.JWTVerifier)5 RSAPublicKey (java.security.interfaces.RSAPublicKey)5 Job (com.auth0.json.mgmt.jobs.Job)4 Claim (com.auth0.jwt.interfaces.Claim)4 Clock (com.auth0.jwt.interfaces.Clock)4 List (java.util.List)4 RecordedRequest (okhttp3.mockwebserver.RecordedRequest)4 JWT (com.auth0.jwt.JWT)3 JWTVerifier (com.auth0.jwt.interfaces.JWTVerifier)3 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)3 IOException (java.io.IOException)3 ByteBuffer (java.nio.ByteBuffer)3 FloodlightModuleException (net.floodlightcontroller.core.module.FloodlightModuleException)3