Examples with JWSHeader com.nimbusds.jose.JWSHeader used on opensource projects

Search in sources :

Example 21 with JWSHeader

use of com.nimbusds.jose.JWSHeader in project carbon-apimgt by wso2.

the class InternalAPIKeyGenerator method generateToken.

public String generateToken(JwtTokenInfoDTO jwtTokenInfoDTO) throws APIManagementException {
    JWSHeader jwtHeader = buildHeader();
    JWTClaimsSet jwtBody = buildBody(jwtTokenInfoDTO);
    SignedJWT signedJWT = new SignedJWT(jwtHeader, jwtBody);
    // get the assertion signed
    buildSignature(signedJWT);
    if (log.isDebugEnabled()) {
        log.debug("signed assertion value : " + signedJWT.getParsedString());
    }
    return signedJWT.serialize();
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 22 with JWSHeader

use of com.nimbusds.jose.JWSHeader in project flow by vaadin.

the class JwtSecurityContextRepositoryTest method saveContext_doesNotSaveJwt_when_algorithmHasNoKey.

@Test
public void saveContext_doesNotSaveJwt_when_algorithmHasNoKey() throws JOSEException {
    SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
    JWSHeader header = getHeaderBuilder().build();
    JWTClaimsSet claimsSet = getClaimsSetBuilder().build();
    Mockito.doReturn(getJwtAuthenticationToken(header, claimsSet)).when(securityContext).getAuthentication();
    jwtSecurityContextRepository.setJwsAlgorithm(JWSAlgorithm.HS512);
    jwtSecurityContextRepository.saveContext(securityContext, request, response);
    String serializedJwt = getSavedSerializedJwt();
    Assert.assertNull(serializedJwt);
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) SecurityContext(org.springframework.security.core.context.SecurityContext) JWSHeader(com.nimbusds.jose.JWSHeader) Test(org.junit.Test)

Example 23 with JWSHeader

use of com.nimbusds.jose.JWSHeader in project flow by vaadin.

the class JwtSecurityContextRepositoryTest method saveContext_doesNotSaveJwt_when_keySourceReturnsEmpty.

@Test
public void saveContext_doesNotSaveJwt_when_keySourceReturnsEmpty() throws JOSEException {
    SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
    JWSHeader header = getHeaderBuilder().build();
    JWTClaimsSet claimsSet = getClaimsSetBuilder().build();
    Mockito.doReturn(getJwtAuthenticationToken(header, claimsSet)).when(securityContext).getAuthentication();
    jwtSecurityContextRepository.setJwkSource((jwkSelector, context) -> new ArrayList<>());
    Assert.assertThrows(IndexOutOfBoundsException.class, () -> jwtSecurityContextRepository.saveContext(securityContext, request, response));
    String serializedJwt = getSavedSerializedJwt();
    Assert.assertNull(serializedJwt);
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) SecurityContext(org.springframework.security.core.context.SecurityContext) JWSHeader(com.nimbusds.jose.JWSHeader) Test(org.junit.Test)

Example 24 with JWSHeader

use of com.nimbusds.jose.JWSHeader in project flow by vaadin.

the class JwtSecurityContextRepositoryTest method saveContext_doesSaveJwt_withAlgoritm.

@Test
public void saveContext_doesSaveJwt_withAlgoritm() throws JOSEException, BadJOSEException, ParseException {
    SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
    JWSHeader header = getHeaderBuilder().build();
    JWTClaimsSet claimsSet = getClaimsSetBuilder().build();
    Mockito.doReturn(getJwtAuthenticationToken(header, claimsSet)).when(securityContext).getAuthentication();
    final ImmutableSecret secret = new ImmutableSecret<>(TEST_64BYTE_KEY.getEncoded());
    jwtSecurityContextRepository.setJwkSource(secret);
    jwtSecurityContextRepository.setJwsAlgorithm(JWSAlgorithm.HS512);
    jwtSecurityContextRepository.saveContext(securityContext, request, response);
    jwtProcessor.setJWSKeySelector(new JWSVerificationKeySelector<>(JWSAlgorithm.HS512, secret));
    String serializedJwt = getSavedSerializedJwt();
    JWTClaimsSet decodedClaimsSet = decodeSerializedJwt(serializedJwt, jwtProcessor);
    assertClaims(decodedClaimsSet, TEST_USERNAME, TEST_ROLES, 1800);
}
Also used : ImmutableSecret(com.nimbusds.jose.jwk.source.ImmutableSecret) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) SecurityContext(org.springframework.security.core.context.SecurityContext) JWSHeader(com.nimbusds.jose.JWSHeader) Test(org.junit.Test)

Example 25 with JWSHeader

use of com.nimbusds.jose.JWSHeader in project flow by vaadin.

the class JwtSecurityContextRepositoryTest method saveContext_doesSaveJwt_withOtherKey.

@Test
public void saveContext_doesSaveJwt_withOtherKey() throws JOSEException, BadJOSEException, ParseException {
    SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
    JWSHeader header = getHeaderBuilder().build();
    JWTClaimsSet claimsSet = getClaimsSetBuilder().build();
    Mockito.doReturn(getJwtAuthenticationToken(header, claimsSet)).when(securityContext).getAuthentication();
    final ImmutableSecret secret = new ImmutableSecret<>(TEST_OTHER_KEY);
    jwtSecurityContextRepository.setJwkSource(secret);
    jwtSecurityContextRepository.saveContext(securityContext, request, response);
    jwtProcessor.setJWSKeySelector(new JWSVerificationKeySelector<>(JWSAlgorithm.HS256, secret));
    String serializedJwt = getSavedSerializedJwt();
    JWTClaimsSet decodedClaimsSet = decodeSerializedJwt(serializedJwt, jwtProcessor);
    assertClaims(decodedClaimsSet, TEST_USERNAME, TEST_ROLES, 1800);
}
Also used : ImmutableSecret(com.nimbusds.jose.jwk.source.ImmutableSecret) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) SecurityContext(org.springframework.security.core.context.SecurityContext) JWSHeader(com.nimbusds.jose.JWSHeader) Test(org.junit.Test)

Aggregations

JWSHeader (com.nimbusds.jose.JWSHeader)67 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)56 SignedJWT (com.nimbusds.jwt.SignedJWT)50 Test (org.junit.Test)24 RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner)21 JWSSigner (com.nimbusds.jose.JWSSigner)18 ArrayList (java.util.ArrayList)12 SecurityContext (org.springframework.security.core.context.SecurityContext)12 OAuth2TokenValidator (org.springframework.security.oauth2.core.OAuth2TokenValidator)12 JOSEException (com.nimbusds.jose.JOSEException)11 DelegatingOAuth2TokenValidator (org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator)10 RestOperations (org.springframework.web.client.RestOperations)10 Test (org.junit.jupiter.api.Test)9 Date (java.util.Date)8 Jwt (org.springframework.security.oauth2.jwt.Jwt)8 JSONObject (net.minidev.json.JSONObject)7 JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm)6 MACSigner (com.nimbusds.jose.crypto.MACSigner)6 JWK (com.nimbusds.jose.jwk.JWK)6 PrivateKey (java.security.PrivateKey)6
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial