Examples with JwtPublicKeySign com.google.crypto.tink.jwt.JwtPublicKeySign used on opensource projects

Example 1 with JwtPublicKeySign

use of com.google.crypto.tink.jwt.JwtPublicKeySign in project tink by google.

the class JwtSign method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        System.err.printf("Expected 3 parameters, got %d\n", args.length);
        System.err.println("Usage: java JwtSign private-keyset-file audience token-file");
        System.exit(1);
    }
    File privateKeysetFile = new File(args[0]);
    String audience = args[1];
    File tokenFile = new File(args[2]);
    // Register all JWT signature key types with the Tink runtime.
    JwtSignatureConfig.register();
    // Read the private keyset into a KeysetHandle.
    KeysetHandle privateKeysetHandle = null;
    try {
        privateKeysetHandle = CleartextKeysetHandle.read(JsonKeysetReader.withFile(privateKeysetFile));
    } catch (GeneralSecurityException | IOException ex) {
        System.err.println("Cannot read keyset, got error: " + ex);
        System.exit(1);
    }
    // Get the primitive.
    JwtPublicKeySign signer = null;
    try {
        signer = privateKeysetHandle.getPrimitive(JwtPublicKeySign.class);
    } catch (GeneralSecurityException ex) {
        System.err.println("Cannot create primitive, got error: " + ex);
        System.exit(1);
    }
    // Use the primitive to sign a token that expires in 100 seconds.
    RawJwt rawJwt = RawJwt.newBuilder().addAudience(audience).setExpiration(Instant.now().plusSeconds(100)).build();
    String signedToken = signer.signAndEncode(rawJwt);
    try (FileOutputStream stream = new FileOutputStream(tokenFile)) {
        stream.write(signedToken.getBytes(UTF_8));
    }
    System.exit(0);
}

Example 2 with JwtPublicKeySign

use of com.google.crypto.tink.jwt.JwtPublicKeySign in project tink by google.

the class JwtServiceImpl method publicKeySignAndEncode.

/**
 * Creates a signed compact JWT.
 */
@Override
public void publicKeySignAndEncode(JwtSignRequest request, StreamObserver<JwtSignResponse> responseObserver) {
    JwtSignResponse response;
    try {
        KeysetHandle keysetHandle = CleartextKeysetHandle.read(BinaryKeysetReader.withBytes(request.getKeyset().toByteArray()));
        RawJwt rawJwt = convertJwtTokenToRawJwt(request.getRawJwt());
        JwtPublicKeySign signer = keysetHandle.getPrimitive(JwtPublicKeySign.class);
        String signedCompactJwt = signer.signAndEncode(rawJwt);
        response = JwtSignResponse.newBuilder().setSignedCompactJwt(signedCompactJwt).build();
    } catch (GeneralSecurityException | InvalidProtocolBufferException e) {
        response = JwtSignResponse.newBuilder().setErr(e.toString()).build();
    } catch (IOException e) {
        responseObserver.onError(Status.UNKNOWN.withDescription(e.getMessage()).asException());
        return;
    }
    responseObserver.onNext(response);
    responseObserver.onCompleted();
}