Example 11 with JWSHeader

Use of com.nimbusds.jose.JWSHeader in project spring-security by spring-projects.

The class NimbusJwtEncoder, method convert.

private static JWSHeader convert(JwsHeader headers) {
    JWSHeader.Builder builder = new JWSHeader.Builder(JWSAlgorithm.parse(headers.getAlgorithm().getName()));
    if (headers.getJwkSetUrl() != null) {
        builder.jwkURL(convertAsURI(JoseHeaderNames.JKU, headers.getJwkSetUrl()));
    }
    Map<String, Object> jwk = headers.getJwk();
    if (!CollectionUtils.isEmpty(jwk)) {
        try {
            builder.jwk(JWK.parse(jwk));
        } catch (Exception ex) {
            throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE, "Unable to convert '" + JoseHeaderNames.JWK + "' JOSE header"), ex);
        }
    }
    String keyId = headers.getKeyId();
    if (StringUtils.hasText(keyId)) {
        builder.keyID(keyId);
    }
    if (headers.getX509Url() != null) {
        builder.x509CertURL(convertAsURI(JoseHeaderNames.X5U, headers.getX509Url()));
    }
    List<String> x509CertificateChain = headers.getX509CertificateChain();
    if (!CollectionUtils.isEmpty(x509CertificateChain)) {
        List<Base64> x5cList = new ArrayList<>();
        x509CertificateChain.forEach((x5c) -> x5cList.add(new Base64(x5c)));
        if (!x5cList.isEmpty()) {
            builder.x509CertChain(x5cList);
        }
    }
    String x509SHA1Thumbprint = headers.getX509SHA1Thumbprint();
    if (StringUtils.hasText(x509SHA1Thumbprint)) {
        builder.x509CertThumbprint(new Base64URL(x509SHA1Thumbprint));
    }
    String x509SHA256Thumbprint = headers.getX509SHA256Thumbprint();
    if (StringUtils.hasText(x509SHA256Thumbprint)) {
        builder.x509CertSHA256Thumbprint(new Base64URL(x509SHA256Thumbprint));
    }
    String type = headers.getType();
    if (StringUtils.hasText(type)) {
        builder.type(new JOSEObjectType(type));
    }
    String contentType = headers.getContentType();
    if (StringUtils.hasText(contentType)) {
        builder.contentType(contentType);
    }
    Set<String> critical = headers.getCritical();
    if (!CollectionUtils.isEmpty(critical)) {
        builder.criticalParams(critical);
    }
    Map<String, Object> customHeaders = new HashMap<>();
    headers.getHeaders().forEach((name, value) -> {
        if (!JWSHeader.getRegisteredParameterNames().contains(name)) {
            customHeaders.put(name, value);
        }
    });
    if (!customHeaders.isEmpty()) {
        builder.customParams(customHeaders);
    }
    return builder.build();
}
Also used : JOSEObjectType(com.nimbusds.jose.JOSEObjectType) Base64(com.nimbusds.jose.util.Base64) HashMap(java.util.HashMap) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) ArrayList(java.util.ArrayList) JOSEException(com.nimbusds.jose.JOSEException) Base64URL(com.nimbusds.jose.util.Base64URL) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 12 with JWSHeader

Use of com.nimbusds.jose.JWSHeader in project spring-security by spring-projects.

The class NimbusReactiveJwtDecoderTests, method signedJwt.

private SignedJWT signedJwt(SecretKey secretKey, MacAlgorithm jwsAlgorithm, JWTClaimsSet claimsSet) throws Exception {
    SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.parse(jwsAlgorithm.getName())), claimsSet);
    JWSSigner signer = new MACSigner(secretKey);
    signedJWT.sign(signer);
    return signedJWT;
}
Also used : MACSigner(com.nimbusds.jose.crypto.MACSigner) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSSigner(com.nimbusds.jose.JWSSigner) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 13 with JWSHeader

Use of com.nimbusds.jose.JWSHeader in project dhis2-core by dhis2.

The class JwtUtils, method selectJwk.

private JWK selectJwk(JoseHeader headers) {
    JWSAlgorithm jwsAlgorithm = JWSAlgorithm.parse(headers.getJwsAlgorithm().getName());
    JWSHeader jwsHeader = new JWSHeader(jwsAlgorithm);
    JWKSelector jwkSelector = new JWKSelector(JWKMatcher.forJWSHeader(jwsHeader));
    List<JWK> jwks;
    try {
        jwks = this.jwkSource.get(jwkSelector, null);
    } catch (KeySourceException ex) {
        throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE, "Failed to select a JWK signing key -> " + ex.getMessage()), ex);
    }
    if (jwks.size() > 1) {
        throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE, "Found multiple JWK signing keys for algorithm '" + jwsAlgorithm.getName() + "'"));
    }
    return !jwks.isEmpty() ? jwks.get(0) : null;
}
Also used : JWKSelector(com.nimbusds.jose.jwk.JWKSelector) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) JWSHeader(com.nimbusds.jose.JWSHeader) KeySourceException(com.nimbusds.jose.KeySourceException) JWK(com.nimbusds.jose.jwk.JWK)

Example 14 with JWSHeader

Use of com.nimbusds.jose.JWSHeader in project tomee by apache.

The class Tokens, method asToken.

public static String asToken(final String claims) throws Exception {
    final PrivateKey pk = readPrivateKey("/testkey.pem");
    try {
        final JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT).build();
        final JWTClaimsSet claimsSet = JWTClaimsSet.parse(claims);
        final SignedJWT jwt = new SignedJWT(header, claimsSet);
        jwt.sign(new RSASSASigner(pk));
        return jwt.serialize();
    } catch (Exception e) {
        // Keep the original exception as the cause so a signing or parsing failure can be diagnosed
        throw new RuntimeException("Could not sign JWT", e);
    }
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 15 with JWSHeader

Use of com.nimbusds.jose.JWSHeader in project mycore by MyCoRe-Org.

The class MCRJSONWebTokenUtil, method createEmptyJWTwithPublicKey.

/**
 * creates an empty JSON Web Token
 *
 * @param webAppBaseURL - the base url of the application
 *
 * @return the JSON WebToken
 */
public static SignedJWT createEmptyJWTwithPublicKey(String webAppBaseURL) {
    ZonedDateTime currentTime = ZonedDateTime.now(ZoneOffset.UTC);
    JWTClaimsSet claims = new JWTClaimsSet.Builder().issuer(webAppBaseURL).jwtID(UUID.randomUUID().toString()).issueTime(Date.from(currentTime.toInstant())).build();
    String keyID = UUID.randomUUID().toString();
    JWK jwk = new RSAKey.Builder((RSAPublicKey) RSA_KEYS.getPublic()).keyID(keyID).build();
    JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256).jwk(jwk).build();
    SignedJWT signedJWT = new SignedJWT(jwsHeader, claims);
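    try {
        signedJWT.sign(new RSASSASigner(RSA_KEYS.getPrivate()));
    } catch (JOSEException e) {
        // A signing failure is only logged here, so the JWT returned below is
        // still unsigned; callers can check signedJWT.getState() before using it.
        LOGGER.error(e);
    }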
    return signedJWT;
}
Also used : ZonedDateTime(java.time.ZonedDateTime) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) JOSEException(com.nimbusds.jose.JOSEException) JWSHeader(com.nimbusds.jose.JWSHeader) JWK(com.nimbusds.jose.jwk.JWK)

Aggregations

JWSHeader (com.nimbusds.jose.JWSHeader) 67
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet) 56
SignedJWT (com.nimbusds.jwt.SignedJWT) 50
Test (org.junit.Test) 24
RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner) 21
JWSSigner (com.nimbusds.jose.JWSSigner) 18
ArrayList (java.util.ArrayList) 12
SecurityContext (org.springframework.security.core.context.SecurityContext) 12
OAuth2TokenValidator (org.springframework.security.oauth2.core.OAuth2TokenValidator) 12
JOSEException (com.nimbusds.jose.JOSEException) 11
DelegatingOAuth2TokenValidator (org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator) 10
RestOperations (org.springframework.web.client.RestOperations) 10
Test (org.junit.jupiter.api.Test) 9
Date (java.util.Date) 8
Jwt (org.springframework.security.oauth2.jwt.Jwt) 8
JSONObject (net.minidev.json.JSONObject) 7
JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm) 6
MACSigner (com.nimbusds.jose.crypto.MACSigner) 6
JWK (com.nimbusds.jose.jwk.JWK) 6
PrivateKey (java.security.PrivateKey) 6