Use of com.nimbusds.jose.JWSSigner in project ratauth by alfa-laboratory.
The class HS256TokenProcessor method createToken.
@Override
@SneakyThrows
public String createToken(String clientId, String secret, String identifier, Date created, Date expiresIn,
        Set<String> audience, Set<String> scopes, Collection<String> authContext, String userId,
        Map<String, Object> userInfo) {
    // The shared secret is passed Base64-encoded; decode it to the raw HMAC key bytes
    final JWSSigner signer = new MACSigner(Base64.getDecoder().decode(secret));
    final List<String> aud = new ArrayList<>(audience);
    aud.add(clientId);
    // Prepare JWT with claims set
    JWTClaimsSet.Builder jwtBuilder = new JWTClaimsSet.Builder()
            .issuer(issuer)
            .subject(userId)
            .expirationTime(expiresIn)
            .audience(aud)
            .claim(SCOPE, scopes)
            .claim(CLIENT_ID, clientId)
            .claim(ACR_VALUES, authContext)
            .jwtID(identifier)
            .issueTime(created);
    // userInfo entries are applied last, so a key that matches a claim set above (e.g. "sub") replaces it
    userInfo.forEach(jwtBuilder::claim);
    SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), jwtBuilder.build());
    // Apply the HMAC protection
    signedJWT.sign(signer);
    // Serialize to compact form; a compact JWS looks like
    // eyJhbGciOiJIUzI1NiJ9.SGVsbG8sIHdvcmxkIQ.onO9Ihudz3WkiauDO2Uhyuz0Y18UASXlSc1eS0NkWyA
    return signedJWT.serialize();
}
Use of com.nimbusds.jose.JWSSigner in project ORCID-Source by ORCID.
The class OpenIDConnectKeyService method sign.
/**
 * Sign the given claims set with the private RSA key (privateJWK).
 *
 * @return the signed JWT, with the default key ID set in its header
 * @throws JOSEException if signing fails
 */
public SignedJWT sign(JWTClaimsSet claims) throws JOSEException {
    JWSSigner signer = new RSASSASigner(privateJWK);
    JWSHeader.Builder head = new JWSHeader.Builder(defaultAlg);
    head.keyID(getDefaultKeyID());
    SignedJWT signedJWT = new SignedJWT(head.build(), claims);
    signedJWT.sign(signer);
    return signedJWT;
    /* For HMAC we could do the following. This may be useful for the implicit flow:
    ClientDetailsEntity clientEntity = clientDetailsEntityCacheManager.retrieve(authentication.getOAuth2Request().getClientId());
    JWSSigner signer = new MACSigner(StringUtils.rightPad(clientEntity.getDecryptedClientSecret(), 32, "#").getBytes());
    signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claims.build());
    signedJWT.sign(signer);
    Note: rightPad only brings a short secret up to the 32-byte minimum MACSigner requires for HS256; it adds no entropy.
    */
}
Use of com.nimbusds.jose.JWSSigner in project knox by apache.
The class JWTTokenTest method testTokenSignatureRS512.
@Test
public void testTokenSignatureRS512() throws Exception {
    String[] claims = new String[4];
    claims[0] = "KNOXSSO";
    claims[1] = "john.doe@example.com";
    claims[2] = "https://login.example.com";
    claims[3] = Long.toString((System.currentTimeMillis() / 1000) + 300);
    JWT token = new JWTToken(JWSAlgorithm.RS512.getName(), claims);
    assertEquals("KNOXSSO", token.getIssuer());
    assertEquals("john.doe@example.com", token.getSubject());
    assertEquals("https://login.example.com", token.getAudience());
    assertTrue(token.getHeader().contains(JWSAlgorithm.RS512.getName()));
    // Sign the token
    JWSSigner signer = new RSASSASigner(privateKey);
    token.sign(signer);
    assertTrue(token.getSignaturePayload().length > 0);
    // Verify the signature
    JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) publicKey);
    assertTrue(token.verify(verifier));
}
Use of com.nimbusds.jose.JWSSigner in project ovirt-engine by oVirt.
The class OpenIdUtils method createJWT.
/**
 * Create a JSON Web Token and sign it with the RSA key. Used by the openid userinfo endpoint to send userinfo back.
 */
public static String createJWT(HttpServletRequest request, SsoSession ssoSession, String clientId) throws JOSEException {
    // Create RSA-signer with the private key
    JWSSigner signer = new RSASSASigner(keyPair.getPrivate());
    SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS256),
            createJWTClaimSet(request, ssoSession, clientId));
    signedJWT.sign(signer);
    return signedJWT.serialize();
}
Use of com.nimbusds.jose.JWSSigner in project spring-security by spring-projects.
The class NimbusReactiveJwtDecoderTests method signedJwt.
private SignedJWT signedJwt(SecretKey secretKey, MacAlgorithm jwsAlgorithm, JWTClaimsSet claimsSet) throws Exception {
    SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.parse(jwsAlgorithm.getName())), claimsSet);
    JWSSigner signer = new MACSigner(secretKey);
    signedJWT.sign(signer);
    return signedJWT;
}