Example 1 with RSASSASigner
use of com.nimbusds.jose.crypto.RSASSASigner in project ORCID-Source by ORCID.
the class OpenIDConnectKeyService method sign.
/**
* Get the private key for signing
*
* @return
* @throws JOSEException
*/
public SignedJWT sign(JWTClaimsSet claims) throws JOSEException {
JWSSigner signer = new RSASSASigner(privateJWK);
JWSHeader.Builder head = new JWSHeader.Builder(defaultAlg);
head.keyID(getDefaultKeyID());
SignedJWT signedJWT = new SignedJWT(head.build(), claims);
signedJWT.sign(signer);
return signedJWT;
/* For HMAC we could do the following. This may be useful for the implicit flow:
ClientDetailsEntity clientEntity = clientDetailsEntityCacheManager.retrieve(authentication.getOAuth2Request().getClientId());
JWSSigner signer = new MACSigner(StringUtils.rightPad(clientEntity.getDecryptedClientSecret(), 32, "#").getBytes());
signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claims.build());
signedJWT.sign(signer);
*/
}
Also used :
RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner)
SignedJWT(com.nimbusds.jwt.SignedJWT)
JWSSigner(com.nimbusds.jose.JWSSigner)
JWSHeader(com.nimbusds.jose.JWSHeader)
Example 2 with RSASSASigner
use of com.nimbusds.jose.crypto.RSASSASigner in project knox by apache.
the class JWTTokenTest method testTokenSignatureRS512.
@Test
public void testTokenSignatureRS512() throws Exception {
String[] claims = new String[4];
claims[0] = "KNOXSSO";
claims[1] = "john.doe@example.com";
claims[2] = "https://login.example.com";
claims[3] = Long.toString((System.currentTimeMillis() / 1000) + 300);
JWT token = new JWTToken(JWSAlgorithm.RS512.getName(), claims);
assertEquals("KNOXSSO", token.getIssuer());
assertEquals("john.doe@example.com", token.getSubject());
assertEquals("https://login.example.com", token.getAudience());
assertTrue(token.getHeader().contains(JWSAlgorithm.RS512.getName()));
// Sign the token
JWSSigner signer = new RSASSASigner(privateKey);
token.sign(signer);
assertTrue(token.getSignaturePayload().length > 0);
// Verify the signature
JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) publicKey);
assertTrue(token.verify(verifier));
}
Also used :
RSASSAVerifier(com.nimbusds.jose.crypto.RSASSAVerifier)
JWSVerifier(com.nimbusds.jose.JWSVerifier)
RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner)
JWSSigner(com.nimbusds.jose.JWSSigner)
Test(org.junit.Test)
Example 3 with RSASSASigner
use of com.nimbusds.jose.crypto.RSASSASigner in project pac4j by pac4j.
the class RSASignatureConfiguration method sign.
@Override
public SignedJWT sign(JWTClaimsSet claims) {
init();
CommonHelper.assertNotNull("privateKey", privateKey);
try {
final JWSSigner signer = new RSASSASigner(this.privateKey);
final SignedJWT signedJWT = new SignedJWT(new JWSHeader(algorithm), claims);
signedJWT.sign(signer);
return signedJWT;
} catch (final JOSEException e) {
throw new TechnicalException(e);
}
}
Also used :
TechnicalException(org.pac4j.core.exception.TechnicalException)
RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner)
SignedJWT(com.nimbusds.jwt.SignedJWT)
Example 4 with RSASSASigner
use of com.nimbusds.jose.crypto.RSASSASigner in project ovirt-engine by oVirt.
the class OpenIdUtils method createJWT.
/**
* Create a Java web token and sign with the RSA key. Used by the openid userinfo endpoint to send userinfo back.
*/
public static String createJWT(HttpServletRequest request, SsoSession ssoSession, String clientId) throws JOSEException {
// Create RSA-signer with the private key
JWSSigner signer = new RSASSASigner(keyPair.getPrivate());
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS256), createJWTClaimSet(request, ssoSession, clientId));
signedJWT.sign(signer);
return signedJWT.serialize();
}
Also used :
RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner)
SignedJWT(com.nimbusds.jwt.SignedJWT)
JWSSigner(com.nimbusds.jose.JWSSigner)
JWSHeader(com.nimbusds.jose.JWSHeader)
Example 5 with RSASSASigner
use of com.nimbusds.jose.crypto.RSASSASigner in project spring-security by spring-projects.
the class OAuth2ResourceServerBeanDefinitionParserTests method jwtFromIssuer.
private String jwtFromIssuer(String issuer) throws Exception {
Map<String, Object> claims = new HashMap<>();
claims.put(JwtClaimNames.ISS, issuer);
claims.put(JwtClaimNames.SUB, "test-subject");
claims.put("scope", "message:read");
JWSObject jws = new JWSObject(new JWSHeader.Builder(JWSAlgorithm.RS256).keyID("1").build(), new Payload(new JSONObject(claims)));
jws.sign(new RSASSASigner(TestKeys.DEFAULT_PRIVATE_KEY));
return jws.serialize();
}
Also used :
JSONObject(net.minidev.json.JSONObject)
HashMap(java.util.HashMap)
RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner)
JWSObject(com.nimbusds.jose.JWSObject)
JSONObject(net.minidev.json.JSONObject)
Payload(com.nimbusds.jose.Payload)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
JWSObject(com.nimbusds.jose.JWSObject)
JWSHeader(com.nimbusds.jose.JWSHeader)
Aggregations
RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner)37
SignedJWT (com.nimbusds.jwt.SignedJWT)23
JWSHeader (com.nimbusds.jose.JWSHeader)20
JWSSigner (com.nimbusds.jose.JWSSigner)15
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)13
JSONObject (net.minidev.json.JSONObject)10
JWSObject (com.nimbusds.jose.JWSObject)9
Payload (com.nimbusds.jose.Payload)9
PrivateKey (java.security.PrivateKey)6
JOSEException (com.nimbusds.jose.JOSEException)5
ArrayList (java.util.ArrayList)4
HashMap (java.util.HashMap)4
MockResponse (okhttp3.mockwebserver.MockResponse)4
MockWebServer (okhttp3.mockwebserver.MockWebServer)4
Test (org.junit.jupiter.api.Test)4
Authentication (org.springframework.security.core.Authentication)4
JOSEObjectType (com.nimbusds.jose.JOSEObjectType)3
JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm)3
RSASSAVerifier (com.nimbusds.jose.crypto.RSASSAVerifier)3
Date (java.util.Date)3
