use of com.nike.cerberus.jwt.CerberusJwtKeySpec in project cerberus by Nike-Inc.
the class JwtService method generateJwtToken.
/**
* Generate JWT token
*
* @param cerberusJwtClaims Cerberus JWT claims
* @return JWT token
*/
public String generateJwtToken(CerberusJwtClaims cerberusJwtClaims) throws AuthTokenTooLongException {
CerberusJwtKeySpec cerberusJwtKeySpec = signingKeyResolver.resolveSigningKey();
String principal = cerberusJwtClaims.getPrincipal();
String jwtToken = Jwts.builder().setHeaderParam(JwsHeader.KEY_ID, cerberusJwtKeySpec.getKid()).setId(cerberusJwtClaims.getId()).setIssuer(environmentName).setSubject(principal).claim(PRINCIPAL_TYPE_CLAIM_NAME, cerberusJwtClaims.getPrincipalType()).claim(GROUP_CLAIM_NAME, cerberusJwtClaims.getGroups()).claim(IS_ADMIN_CLAIM_NAME, cerberusJwtClaims.getIsAdmin()).claim(REFRESH_COUNT_CLAIM_NAME, cerberusJwtClaims.getRefreshCount()).setExpiration(Date.from(cerberusJwtClaims.getExpiresTs().toInstant())).setIssuedAt(Date.from(cerberusJwtClaims.getCreatedTs().toInstant())).signWith(cerberusJwtKeySpec).compressWith(CompressionCodecs.GZIP).compact();
int tokenLength = jwtToken.length();
log.info("{}: JWT length: {}", principal, tokenLength);
if (tokenLength > maxTokenLength) {
String msg = String.format("Token for %s is %d characters long. The max is %d bytes.", principal, tokenLength, maxTokenLength);
throw new AuthTokenTooLongException(msg);
}
return jwtToken;
}
use of com.nike.cerberus.jwt.CerberusJwtKeySpec in project cerberus by Nike-Inc.
the class JwtServiceTest method setUp.
@Before
public void setUp() throws Exception {
initMocks(this);
jwtService = new JwtService(signingKeyResolver, "local", jwtBlocklistDao);
ReflectionTestUtils.setField(jwtService, "maxTokenLength", 1600);
cerberusJwtKeySpec = new CerberusJwtKeySpec(new byte[64], "HmacSHA512", "key id");
cerberusJwtClaims = new CerberusJwtClaims();
cerberusJwtClaims.setId("id");
cerberusJwtClaims.setPrincipal("principal");
cerberusJwtClaims.setGroups("groups");
cerberusJwtClaims.setIsAdmin(true);
cerberusJwtClaims.setPrincipalType("type");
cerberusJwtClaims.setRefreshCount(1);
cerberusJwtClaims.setCreatedTs(OffsetDateTime.of(2000, 1, 1, 1, 1, 1, 1, ZoneOffset.UTC));
cerberusJwtClaims.setExpiresTs(// should be good for a while
OffsetDateTime.of(3000, 1, 1, 1, 1, 1, 1, ZoneOffset.UTC));
when(signingKeyResolver.resolveSigningKey()).thenReturn(cerberusJwtKeySpec);
when(signingKeyResolver.resolveSigningKey(any(JwsHeader.class), any(Claims.class))).thenReturn(cerberusJwtKeySpec);
}
Aggregations