Example 21 with JWSSigner

Use of com.nimbusds.jose.JWSSigner in project quickstart by wildfly.

The class JwtManager, method createJwt.

public String createJwt(final String subject, final String[] roles) throws Exception {
    JWSSigner signer = new RSASSASigner(privateKey);
    JsonArrayBuilder rolesBuilder = Json.createArrayBuilder();
    for (String role : roles) {
        rolesBuilder.add(role);
    }
    // "exp" is expressed in seconds since the epoch, as the JWT NumericDate format requires.
    JsonObjectBuilder claimsBuilder = Json.createObjectBuilder()
            .add("sub", subject)
            .add("iss", ISSUER)
            .add("aud", AUDIENCE)
            .add(CLAIM_ROLES, rolesBuilder.build())
            .add("exp", ((System.currentTimeMillis() / 1000) + TOKEN_VALIDITY));
    JWSObject jwsObject = new JWSObject(
            new JWSHeader.Builder(JWSAlgorithm.RS256).type(new JOSEObjectType("jwt")).build(),
            new Payload(claimsBuilder.build().toString()));
    jwsObject.sign(signer);
    return jwsObject.serialize();
}
Also used: JOSEObjectType (com.nimbusds.jose.JOSEObjectType), RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner), Payload (com.nimbusds.jose.Payload), JsonArrayBuilder (javax.json.JsonArrayBuilder), JsonObjectBuilder (javax.json.JsonObjectBuilder), JWSObject (com.nimbusds.jose.JWSObject), JWSSigner (com.nimbusds.jose.JWSSigner), JWSHeader (com.nimbusds.jose.JWSHeader)

Example 22 with JWSSigner

Use of com.nimbusds.jose.JWSSigner in project oxAuth by GluuFederation.

The class JwtCrossCheckTest, method createNimbusJwt.

private static String createNimbusJwt(OxAuthCryptoProvider cryptoProvider, String kid, SignatureAlgorithm signatureAlgorithm) throws Exception {
    final AlgorithmFamily family = signatureAlgorithm.getFamily();
    JWSSigner signer = null;
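    switch (family) {
        case RSA:
            signer = new RSASSASigner(RSAKey.load(cryptoProvider.getKeyStore(), kid, cryptoProvider.getKeyStoreSecret().toCharArray()));
            break;
        case EC:
            signer = new com.nimbusds.jose.crypto.ECDSASigner(ECKey.load(cryptoProvider.getKeyStore(), kid, cryptoProvider.getKeyStoreSecret().toCharArray()));
            break;
        default:
            // Fail with a clear message instead of a NullPointerException from sign() below.
            throw new IllegalArgumentException("Unsupported algorithm family: " + family);
    }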
    JWTClaimsSet claimsSet = new JWTClaimsSet.Builder().subject("1202.d50a4eeb-ab5d-474b-aaaf-e4aa47bc54a5").issuer("1202.d50a4eeb-ab5d-474b-aaaf-e4aa47bc54a5").expirationTime(new Date(1575559276888000L)).issueTime(new Date(1575559276888000L)).audience("https://gomer-vbox/oxauth/restv1/token").build();
    SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(signatureAlgorithm.getJwsAlgorithm()).keyID(kid).build(), claimsSet);
    signedJWT.sign(signer);
    return signedJWT.serialize();
}
Also used: JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet), RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner), SignedJWT (com.nimbusds.jwt.SignedJWT), JWSSigner (com.nimbusds.jose.JWSSigner), AlgorithmFamily (org.gluu.oxauth.model.crypto.signature.AlgorithmFamily), Date (java.util.Date), JWSHeader (com.nimbusds.jose.JWSHeader)

Example 23 with JWSSigner

Use of com.nimbusds.jose.JWSSigner in project scoold by Erudika.

The class ScooldUtils, method generateJWToken.

public SignedJWT generateJWToken(Map<String, Object> claims, long validitySeconds) {
    String secret = Config.getConfigParam("app_secret_key", "");
    if (!StringUtils.isBlank(secret)) {
        try {
            Date now = new Date();
            JWTClaimsSet.Builder claimsSet = new JWTClaimsSet.Builder();
            claimsSet.issueTime(now);
            if (validitySeconds > 0) {
                claimsSet.expirationTime(new Date(now.getTime() + (validitySeconds * 1000)));
            }
            claimsSet.notBeforeTime(now);
            claimsSet.claim(Config._APPID, Config.getConfigParam("access_key", "x"));
            claims.entrySet().forEach((claim) -> claimsSet.claim(claim.getKey(), claim.getValue()));
            // MACSigner rejects secrets shorter than 256 bits with a KeyLengthException (a JOSEException).
            JWSSigner signer = new MACSigner(secret);
            SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet.build());
            signedJWT.sign(signer);
            return signedJWT;
        } catch (JOSEException e) {
            logger.warn("Unable to sign JWT: {}.", e.getMessage());
        }
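    } else {
        // Log the blank-key error only when the key really is blank, not after a signing failure.
        logger.error("Failed to generate JWT token - app_secret_key is blank.");
    }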
    return null;
}
Also used: MACSigner (com.nimbusds.jose.crypto.MACSigner), JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet), SignedJWT (com.nimbusds.jwt.SignedJWT), JWSSigner (com.nimbusds.jose.JWSSigner), JOSEException (com.nimbusds.jose.JOSEException), Date (java.util.Date), JWSHeader (com.nimbusds.jose.JWSHeader)

Example 24 with JWSSigner

Use of com.nimbusds.jose.JWSSigner in project dhis2-core by dhis2.

The class JwtUtils, method encode.

public Jwt encode(JoseHeader headers, JwtClaimsSet claims) throws JwtEncodingException {
    Assert.notNull(headers, "headers cannot be null");
    Assert.notNull(claims, "claims cannot be null");
    JWK jwk = selectJwk(headers);
    if (jwk == null) {
        throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE, "Failed to select a JWK signing key"));
    } else if (!StringUtils.hasText(jwk.getKeyID())) {
        throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE, "The \"kid\" (key ID) from the selected JWK cannot be empty"));
    }
    headers = JoseHeader.from(headers).type(JOSEObjectType.JWT.getType()).keyId(jwk.getKeyID()).build();
    claims = JwtClaimsSet.from(claims).id(UUID.randomUUID().toString()).build();
    JWSHeader jwsHeader = JWS_HEADER_CONVERTER.convert(headers);
    JWTClaimsSet jwtClaimsSet = JWT_CLAIMS_SET_CONVERTER.convert(claims);
    JWSSigner jwsSigner = this.jwsSigners.computeIfAbsent(jwk, (key) -> {
        try {
            return JWS_SIGNER_FACTORY.createJWSSigner(key);
        } catch (JOSEException ex) {
            throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE, "Failed to create a JWS Signer -> " + ex.getMessage()), ex);
        }
    });
    SignedJWT signedJwt = new SignedJWT(jwsHeader, jwtClaimsSet);
    try {
        signedJwt.sign(jwsSigner);
    } catch (JOSEException ex) {
        throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE, "Failed to sign the JWT -> " + ex.getMessage()), ex);
    }
    String jws = signedJwt.serialize();
    return new Jwt(jws, claims.getIssuedAt(), claims.getExpiresAt(), headers.getHeaders(), claims.getClaims());
}
Also used: JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet), Jwt (org.springframework.security.oauth2.jwt.Jwt), SignedJWT (com.nimbusds.jwt.SignedJWT), JWSSigner (com.nimbusds.jose.JWSSigner), JOSEException (com.nimbusds.jose.JOSEException), JWSHeader (com.nimbusds.jose.JWSHeader), JWK (com.nimbusds.jose.jwk.JWK)

Example 25 with JWSSigner

Use of com.nimbusds.jose.JWSSigner in project spring-security by spring-projects.

The class NimbusJwtEncoder, method serialize.

private String serialize(JwsHeader headers, JwtClaimsSet claims, JWK jwk) {
    JWSHeader jwsHeader = convert(headers);
    JWTClaimsSet jwtClaimsSet = convert(claims);
    JWSSigner jwsSigner = this.jwsSigners.computeIfAbsent(jwk, NimbusJwtEncoder::createSigner);
    SignedJWT signedJwt = new SignedJWT(jwsHeader, jwtClaimsSet);
    try {
        signedJwt.sign(jwsSigner);
    } catch (JOSEException ex) {
        throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE, "Failed to sign the JWT -> " + ex.getMessage()), ex);
    }
    return signedJwt.serialize();
}
Also used: JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet), SignedJWT (com.nimbusds.jwt.SignedJWT), JWSSigner (com.nimbusds.jose.JWSSigner), JOSEException (com.nimbusds.jose.JOSEException), JWSHeader (com.nimbusds.jose.JWSHeader)

Aggregations

JWSSigner (com.nimbusds.jose.JWSSigner): 29
RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner): 21
JWSHeader (com.nimbusds.jose.JWSHeader): 18
SignedJWT (com.nimbusds.jwt.SignedJWT): 18
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet): 13
JOSEException (com.nimbusds.jose.JOSEException): 5
MACSigner (com.nimbusds.jose.crypto.MACSigner): 5
PrivateKey (java.security.PrivateKey): 5
Date (java.util.Date): 4
JOSEObjectType (com.nimbusds.jose.JOSEObjectType): 3
JWSObject (com.nimbusds.jose.JWSObject): 3
Payload (com.nimbusds.jose.Payload): 3
JWK (com.nimbusds.jose.jwk.JWK): 3
RSAPrivateKey (java.security.interfaces.RSAPrivateKey): 3
JsonArrayBuilder (javax.json.JsonArrayBuilder): 3
JsonObjectBuilder (javax.json.JsonObjectBuilder): 3
TokenServiceException (org.apache.knox.gateway.services.security.token.TokenServiceException): 3
JWT (org.apache.knox.gateway.services.security.token.impl.JWT): 3
JWTToken (org.apache.knox.gateway.services.security.token.impl.JWTToken): 3
JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm): 2