Example 6 with JWEObject

use of com.nimbusds.jose.JWEObject in project mycore by MyCoRe-Org.

the class MCRJSONWebTokenUtil method retrievePublicKeyFromLoginToken.

/**
 * Retrieves the client public key from the login token.
 *
 * The token is a nested JWT: an RSA-encrypted JWE whose payload is a signed JWT (JWS).
 * The key returned is the JWK carried in the JWS header, and the JWS signature is
 * checked against that same embedded key, i.e. the check proves that the sender holds
 * the private half of the key it presents, not that the key is known or trusted.
 *
 * @param token - the serialized JSON Web Token from login
 * @return the public key as JWK object, or null if parsing, decryption or signature verification fails
 */
public static JWK retrievePublicKeyFromLoginToken(String token) {
    JWK result = null;
    JWEObject jweObject;
    try {
        jweObject = JWEObject.parse(token);
        // Decrypt the outer JWE with the RSA private key held in the RSA_KEYS class field
        jweObject.decrypt(new RSADecrypter(RSA_KEYS.getPrivate()));
        // Extract the inner signed JWT from the decrypted payload
        SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
        // The client public key is carried in the JWS header ("jwk")
        result = signedJWT.getHeader().getJWK();
        RSAKey publicKey = RSAKey.parse(result.toJSONObject());
        // Verify the signature with the key taken from the token header itself
        if (signedJWT.verify(new RSASSAVerifier(publicKey))) {
            return result;
        }
    } catch (ParseException | JOSEException e) {
        LOGGER.error(e);
    }
    // Unparseable, undecryptable or badly signed token
    return null;
}
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) JWEObject(com.nimbusds.jose.JWEObject) RSASSAVerifier(com.nimbusds.jose.crypto.RSASSAVerifier) SignedJWT(com.nimbusds.jwt.SignedJWT) ParseException(java.text.ParseException) JOSEException(com.nimbusds.jose.JOSEException) JWK(com.nimbusds.jose.jwk.JWK) RSADecrypter(com.nimbusds.jose.crypto.RSADecrypter)

Example 7 with JWEObject

use of com.nimbusds.jose.JWEObject in project mycore by MyCoRe-Org.

the class MCRJSONWebTokenUtil method retrieveUsernamePasswordFromLoginToken.

/**
 * Retrieves username and password from the JSON Web Token.
 *
 * The token is a nested JWT: an RSA-encrypted JWE whose payload is a signed JWT (JWS).
 * The signature is verified against the JWK embedded in the JWS header, so the check
 * only establishes that the signer holds the private half of that embedded key.
 *
 * @param token - the serialized JSON web token from login
 * @return username and password (combined by ":"), or null if parsing, decryption or signature verification fails
 */
public static String retrieveUsernamePasswordFromLoginToken(String token) {
    JWEObject jweObject;
    try {
        jweObject = JWEObject.parse(token);
        // Decrypt the outer JWE with the RSA private key held in the RSA_KEYS class field
        jweObject.decrypt(new RSADecrypter(RSA_KEYS.getPrivate()));
        // Extract the inner signed JWT from the decrypted payload
        SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
        // Verification key is the JWK carried in the JWS header ("jwk")
        RSAKey serverPublicKey = RSAKey.parse(signedJWT.getHeader().getJWK().toJSONObject());
        if (signedJWT.verify(new RSASSAVerifier(serverPublicKey))) {
            // Signature is valid: read the credentials from the claims set
            String username = signedJWT.getJWTClaimsSet().getSubject();
            String password = signedJWT.getJWTClaimsSet().getStringClaim("password");
            return username + ":" + password;
        }
    } catch (ParseException | JOSEException e) {
        LOGGER.error(e);
    }
    // Unparseable, undecryptable or badly signed token
    return null;
}
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) JWEObject(com.nimbusds.jose.JWEObject) RSASSAVerifier(com.nimbusds.jose.crypto.RSASSAVerifier) SignedJWT(com.nimbusds.jwt.SignedJWT) ParseException(java.text.ParseException) JOSEException(com.nimbusds.jose.JOSEException) RSADecrypter(com.nimbusds.jose.crypto.RSADecrypter)
