Example 1 with CerberusJwtKeySpec
use of com.nike.cerberus.jwt.CerberusJwtKeySpec in project cerberus by Nike-Inc.
the class JwtService method generateJwtToken.
/**
* Generate JWT token
*
* @param cerberusJwtClaims Cerberus JWT claims
* @return JWT token
*/
public String generateJwtToken(CerberusJwtClaims cerberusJwtClaims) throws AuthTokenTooLongException {
CerberusJwtKeySpec cerberusJwtKeySpec = signingKeyResolver.resolveSigningKey();
String principal = cerberusJwtClaims.getPrincipal();
String jwtToken = Jwts.builder().setHeaderParam(JwsHeader.KEY_ID, cerberusJwtKeySpec.getKid()).setId(cerberusJwtClaims.getId()).setIssuer(environmentName).setSubject(principal).claim(PRINCIPAL_TYPE_CLAIM_NAME, cerberusJwtClaims.getPrincipalType()).claim(GROUP_CLAIM_NAME, cerberusJwtClaims.getGroups()).claim(IS_ADMIN_CLAIM_NAME, cerberusJwtClaims.getIsAdmin()).claim(REFRESH_COUNT_CLAIM_NAME, cerberusJwtClaims.getRefreshCount()).setExpiration(Date.from(cerberusJwtClaims.getExpiresTs().toInstant())).setIssuedAt(Date.from(cerberusJwtClaims.getCreatedTs().toInstant())).signWith(cerberusJwtKeySpec).compressWith(CompressionCodecs.GZIP).compact();
int tokenLength = jwtToken.length();
log.info("{}: JWT length: {}", principal, tokenLength);
if (tokenLength > maxTokenLength) {
String msg = String.format("Token for %s is %d characters long. The max is %d bytes.", principal, tokenLength, maxTokenLength);
throw new AuthTokenTooLongException(msg);
}
return jwtToken;
}
Also used :
AuthTokenTooLongException(com.nike.cerberus.error.AuthTokenTooLongException)
CerberusJwtKeySpec(com.nike.cerberus.jwt.CerberusJwtKeySpec)
Example 2 with CerberusJwtKeySpec
use of com.nike.cerberus.jwt.CerberusJwtKeySpec in project cerberus by Nike-Inc.
the class JwtServiceTest method setUp.
@Before
public void setUp() throws Exception {
initMocks(this);
jwtService = new JwtService(signingKeyResolver, "local", jwtBlocklistDao);
ReflectionTestUtils.setField(jwtService, "maxTokenLength", 1600);
cerberusJwtKeySpec = new CerberusJwtKeySpec(new byte[64], "HmacSHA512", "key id");
cerberusJwtClaims = new CerberusJwtClaims();
cerberusJwtClaims.setId("id");
cerberusJwtClaims.setPrincipal("principal");
cerberusJwtClaims.setGroups("groups");
cerberusJwtClaims.setIsAdmin(true);
cerberusJwtClaims.setPrincipalType("type");
cerberusJwtClaims.setRefreshCount(1);
cerberusJwtClaims.setCreatedTs(OffsetDateTime.of(2000, 1, 1, 1, 1, 1, 1, ZoneOffset.UTC));
cerberusJwtClaims.setExpiresTs(// should be good for a while
OffsetDateTime.of(3000, 1, 1, 1, 1, 1, 1, ZoneOffset.UTC));
when(signingKeyResolver.resolveSigningKey()).thenReturn(cerberusJwtKeySpec);
when(signingKeyResolver.resolveSigningKey(any(JwsHeader.class), any(Claims.class))).thenReturn(cerberusJwtKeySpec);
}
Also used :
Claims(io.jsonwebtoken.Claims)
CerberusJwtClaims(com.nike.cerberus.jwt.CerberusJwtClaims)
CerberusJwtClaims(com.nike.cerberus.jwt.CerberusJwtClaims)
JwsHeader(io.jsonwebtoken.JwsHeader)
CerberusJwtKeySpec(com.nike.cerberus.jwt.CerberusJwtKeySpec)
Before(org.junit.Before)
Aggregations
CerberusJwtKeySpec (com.nike.cerberus.jwt.CerberusJwtKeySpec)2
AuthTokenTooLongException (com.nike.cerberus.error.AuthTokenTooLongException)1
CerberusJwtClaims (com.nike.cerberus.jwt.CerberusJwtClaims)1
Claims (io.jsonwebtoken.Claims)1
JwsHeader (io.jsonwebtoken.JwsHeader)1
Before (org.junit.Before)1
