use of com.nimbusds.jose.crypto.MACSigner in project topcom-cloud by 545314690.
the class TokenManager method createToken.
default String createToken(Object userId) {
try {
JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder();
builder.issuer(getIssuer());
builder.subject(userId.toString());
builder.issueTime(new Date());
builder.notBeforeTime(new Date());
builder.expirationTime(new Date(System.currentTimeMillis() + getExpirationDate()));
builder.jwtID(UUID.randomUUID().toString());
JWTClaimsSet claimsSet = builder.build();
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
Payload payload = new Payload(claimsSet.toJSONObject());
JWSObject jwsObject = new JWSObject(header, payload);
JWSSigner signer = new MACSigner(getSharedKey());
jwsObject.sign(signer);
return jwsObject.serialize();
} catch (JOSEException ex) {
return null;
}
}
use of com.nimbusds.jose.crypto.MACSigner in project ratauth by alfa-laboratory.
the class HS256TokenProcessor method createToken.
@Override
@SneakyThrows
public String createToken(String clientId, String secret, String identifier, Date created, Date expiresIn, Set<String> audience, Set<String> scopes, Collection<String> authContext, String userId, Map<String, Object> userInfo) {
final JWSSigner signer = new MACSigner(Base64.getDecoder().decode(secret));
final List<String> aud = new ArrayList<>(audience);
aud.add(clientId);
// Prepare JWT with claims set
JWTClaimsSet.Builder jwtBuilder = new JWTClaimsSet.Builder().issuer(issuer).subject(userId).expirationTime(expiresIn).audience(aud).claim(SCOPE, scopes).claim(CLIENT_ID, clientId).claim(ACR_VALUES, authContext).jwtID(identifier).issueTime(created);
userInfo.forEach(jwtBuilder::claim);
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), jwtBuilder.build());
// Apply the HMAC protection
signedJWT.sign(signer);
// eyJhbGciOiJIUzI1NiJ9.SGVsbG8sIHdvcmxkIQ.onO9Ihudz3WkiauDO2Uhyuz0Y18UASXlSc1eS0NkWyA
return signedJWT.serialize();
}
use of com.nimbusds.jose.crypto.MACSigner in project pac4j by pac4j.
the class SecretSignatureConfiguration method sign.
@Override
public SignedJWT sign(final JWTClaimsSet claims) {
init();
try {
final JWSSigner signer = new MACSigner(this.secret);
final SignedJWT signedJWT = new SignedJWT(new JWSHeader(algorithm), claims);
signedJWT.sign(signer);
return signedJWT;
} catch (final JOSEException e) {
throw new TechnicalException(e);
}
}
use of com.nimbusds.jose.crypto.MACSigner in project gravitee-management-rest-api by gravitee-io.
the class ReferenceSerializer method serialize.
public String serialize(IdentityReference reference) throws Exception {
// Create HMAC signer
JWSSigner signer = new MACSigner(secretKey.getEncoded());
// Prepare JWT with claims set
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder().subject(reference.getReference()).issuer(reference.getSource()).build();
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);
// Apply the HMAC protection
signedJWT.sign(signer);
// Create JWE object with signed JWT as payload
JWEObject jweObject = new JWEObject(new JWEHeader.Builder(JWEAlgorithm.DIR, EncryptionMethod.A256GCM).contentType(// required to signal nested JWT
"JWT").build(), new Payload(signedJWT));
// Perform encryption
jweObject.encrypt(new DirectEncrypter(secretKey.getEncoded()));
// Serialize to compact form
return new String(Base64.getEncoder().encode(jweObject.serialize().getBytes()));
}
Aggregations