
Example 11 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project mycore by MyCoRe-Org.

the class MCRJSONWebTokenUtil method createJWT.

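/**
 * Creates a signed JSON Web Token carrying the user id, the user's roles and the client public key.
 *
 * <p>The token is signed with RS256 using the private half of {@code RSA_KEYS}. The matching
 * public key is embedded in the JWS header as a {@code jwk} parameter under a freshly generated
 * random key id. The claims written are {@code iss}, {@code jti}, {@code exp}, {@code iat},
 * {@code nbf}, {@code sub}, {@code roles} and {@code sub_jwk}.
 *
 * <p>Security notes: the serialized token is a bearer credential, so this method does not write
 * it to standard output or to the log. Verifiers must check the signature against a key they
 * already trust, never against the {@code jwk} header taken from the token being verified.
 *
 * @param user - the user that becomes the {@code sub} claim
 * @param roles - the roles stored in the {@code roles} claim
 * @param webAppBaseURL - the base url of the application, used as {@code iss}
 * @param clientPublicKey - the client public key as JSON Web Key, stored in {@code sub_jwk}
 *
 * @return the signed JSON Web Token
 * @throws IllegalStateException if the token cannot be signed; the {@link JOSEException} is the cause
 */
public static SignedJWT createJWT(String user, List<String> roles, String webAppBaseURL, JWK clientPublicKey) {
    ZonedDateTime currentTime = ZonedDateTime.now(ZoneOffset.UTC);
    // NOTE(review): nbf is backdated by the full EXPIRATION_TIME_MINUTES, presumably as
    // clock-skew tolerance - confirm the window is meant to be that wide.
    JWTClaimsSet claims = new JWTClaimsSet.Builder()
        .issuer(webAppBaseURL)
        .jwtID(UUID.randomUUID().toString())
        .expirationTime(Date.from(currentTime.plusMinutes(EXPIRATION_TIME_MINUTES).toInstant()))
        .issueTime(Date.from(currentTime.toInstant()))
        .notBeforeTime(Date.from(currentTime.minusMinutes(EXPIRATION_TIME_MINUTES).toInstant()))
        .subject(user)
        .claim("roles", roles)
        .claim("sub_jwk", clientPublicKey)
        .build();
    // The key id is random per token, so it identifies this header only, not a stable key.
    String keyID = UUID.randomUUID().toString();
    JWK jwk = new RSAKey.Builder((RSAPublicKey) RSA_KEYS.getPublic()).keyID(keyID).build();
    JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256).jwk(jwk).build();
    SignedJWT signedJWT = new SignedJWT(jwsHeader, claims);
    try {
        signedJWT.sign(new RSASSASigner(RSA_KEYS.getPrivate()));
    } catch (JOSEException e) {
        LOGGER.error(e);
        // Fail here with the cause attached rather than handing an unsigned token to the caller.
        throw new IllegalStateException("Could not sign JSON Web Token", e);
    }
    // Deliberately no System.out / log output of signedJWT.serialize(): anyone who can read
    // that output could replay the token until it expires.
    return signedJWT;
}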
Also used : ZonedDateTime(java.time.ZonedDateTime) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) JOSEException(com.nimbusds.jose.JOSEException) JWSHeader(com.nimbusds.jose.JWSHeader) JWK(com.nimbusds.jose.jwk.JWK)

Example 12 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project carbon-apimgt by wso2.

the class Util method getAuthHeader.

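/**
 * Builds an authorization header value of the form {@code "Bearer <base64(JWS)>"} for a user.
 *
 * <p>The JWS is signed with RS512 using the default private key of the super tenant's key store
 * and carries a single claim, {@code Username}.
 *
 * <p>NOTE(review): the claim set has no {@code exp}, {@code iat}, {@code jti} or {@code aud}, so
 * a captured header value stays acceptable for as long as the signing key is trusted. Confirm
 * that the consumer enforces its own lifetime and audience checks, or add those claims.
 *
 * @param username the value written to the {@code Username} claim
 * @return the header value, starting with {@code "Bearer "}
 * @throws Exception if the key store cannot be read or the token cannot be signed; the
 *         original failure is attached as the cause
 */
public static String getAuthHeader(String username) throws Exception {
    // Get the filesystem key store default primary certificate
    KeyStoreManager keyStoreManager;
    keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
    try {
        // The returned certificate is discarded; presumably the call only checks that the
        // primary certificate can be loaded before the private key is used - TODO confirm.
        keyStoreManager.getDefaultPrimaryCertificate();
        JWSSigner signer = new RSASSASigner((RSAPrivateKey) keyStoreManager.getDefaultPrivateKey());
        JWTClaimsSet.Builder jwtClaimsSetBuilder = new JWTClaimsSet.Builder();
        jwtClaimsSetBuilder.claim("Username", username);
        SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS512), jwtClaimsSetBuilder.build());
        signedJWT.sign(signer);
        // generate authorization header value
        // Encode with a fixed charset so the header bytes do not depend on the JVM's platform
        // default; fully qualified because the file's import block is not visible here.
        return "Bearer " + Base64Utils.encode(signedJWT.serialize().getBytes(java.nio.charset.StandardCharsets.UTF_8));
    } catch (SignatureException e) {
        String msg = "Failed to sign with signature instance";
        log.error(msg, e);
        throw new Exception(msg, e);
    } catch (Exception e) {
        // NOTE(review): every other failure in the try block, including one raised by sign(),
        // is reported with this certificate message; the attached cause has the real reason.
        String msg = "Failed to get primary default certificate";
        log.error(msg, e);
        throw new Exception(msg, e);
    }
}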
Also used : KeyStoreManager(org.wso2.carbon.core.util.KeyStoreManager) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) SignatureException(java.security.SignatureException) JWSSigner(com.nimbusds.jose.JWSSigner) JWSHeader(com.nimbusds.jose.JWSHeader) SignatureException(java.security.SignatureException)

Example 13 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project carbon-apimgt by wso2.

the class InternalAPIKeyGenerator method buildSignature.

/**
 * Signs the given assertion in place with the default private key of the super tenant's key store.
 *
 * @param assertion the JWT to sign; it is modified by this call
 * @throws APIManagementException if the key cannot be obtained or signing fails; the original
 *         exception is attached as the cause
 */
protected void buildSignature(SignedJWT assertion) throws APIManagementException {
    // Key material always comes from the super tenant, whatever tenant the caller runs in.
    final KeyStoreManager superTenantKeyStore =
            KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
    try {
        final PrivateKey signingKey = superTenantKeyStore.getDefaultPrivateKey();
        final JWSSigner rsaSigner = new RSASSASigner(signingKey);
        assertion.sign(rsaSigner);
    } catch (Exception e) {
        // Key-store access and signing failures are both reported as one domain exception.
        throw new APIManagementException("Error while signing Api Key", e);
    }
}
Also used : KeyStoreManager(org.wso2.carbon.core.util.KeyStoreManager) PrivateKey(java.security.PrivateKey) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) JWSSigner(com.nimbusds.jose.JWSSigner) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException)

Example 14 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project quickstart by wildfly.

the class TokenUtil method generateJWT.

/**
 * Builds a JWT for the given principal, signs it with RS256 and returns the compact serialization.
 *
 * <p>The claims written are {@code sub} and {@code upn} (both the principal), a fixed
 * {@code iss} and {@code aud}, {@code groups}, {@code birthdate}, a random {@code jti},
 * {@code iat} (now, in seconds) and {@code exp} (14400 seconds after {@code iat}).
 *
 * <p>NOTE(review): the issuer, audience, key id ("Test Key") and key file name are hard-coded,
 * which looks intended for sample or test use - confirm before reusing elsewhere.
 *
 * @param principal value of the {@code sub} and {@code upn} claims
 * @param birthdate value of the {@code birthdate} claim
 * @param groups entries of the {@code groups} claim
 * @return the serialized, signed JWS
 * @throws Exception if the private key cannot be loaded or signing fails
 */
public static String generateJWT(final String principal, final String birthdate, final String... groups) throws Exception {
    // loadPrivateKey is defined outside this snippet; the key is obtained before anything else.
    final PrivateKey signingKey = loadPrivateKey("private.pem");
    final JWSSigner rsaSigner = new RSASSASigner(signingKey);

    final JsonArrayBuilder groupArray = Json.createArrayBuilder();
    for (int i = 0; i < groups.length; i++) {
        groupArray.add(groups[i]);
    }

    // JWT time claims are expressed in whole seconds since the epoch.
    final long issuedAt = System.currentTimeMillis() / 1000;
    final long expiresAt = issuedAt + 14400;

    final JsonObjectBuilder claimsJson = Json.createObjectBuilder()
            .add("sub", principal)
            .add("upn", principal)
            .add("iss", "quickstart-jwt-issuer")
            .add("aud", "jwt-audience")
            .add("groups", groupArray.build())
            .add("birthdate", birthdate)
            .add("jti", UUID.randomUUID().toString())
            .add("iat", issuedAt)
            .add("exp", expiresAt);

    final JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256)
            .type(new JOSEObjectType("jwt"))
            .keyID("Test Key")
            .build();
    final Payload body = new Payload(claimsJson.build().toString());

    final JWSObject token = new JWSObject(header, body);
    token.sign(rsaSigner);
    return token.serialize();
}
Also used : JOSEObjectType(com.nimbusds.jose.JOSEObjectType) PrivateKey(java.security.PrivateKey) JsonArrayBuilder(javax.json.JsonArrayBuilder) JsonObjectBuilder(javax.json.JsonObjectBuilder) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) Payload(com.nimbusds.jose.Payload) JsonArrayBuilder(javax.json.JsonArrayBuilder) JsonObjectBuilder(javax.json.JsonObjectBuilder) JWSObject(com.nimbusds.jose.JWSObject) JWSSigner(com.nimbusds.jose.JWSSigner)

Example 15 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project hadoop by apache.

the class TestJWTRedirectAuthentictionHandler method getJWT.

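/**
 * Builds an RS256-signed JWT with fixed issuer, scope and audience values.
 *
 * <p>The claims written are {@code sub}, {@code iat} (current time), {@code iss}
 * ("https://c2id.com"), a custom {@code scope} claim ("openid"), {@code exp} and {@code aud}
 * ("bar").
 *
 * @param sub the subject claim
 * @param expires the expiration time claim
 * @param privateKey the RSA private key used to sign the token
 * @return the signed JWT
 * @throws Exception if signing fails
 */
protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey) throws Exception {
    JWTClaimsSet claimsSet = new JWTClaimsSet();
    claimsSet.setSubject(sub);
    // new Date() already holds the current time; no need to copy it through getTime().
    claimsSet.setIssueTime(new Date());
    claimsSet.setIssuer("https://c2id.com");
    claimsSet.setCustomClaim("scope", "openid");
    claimsSet.setExpirationTime(expires);
    // The audience is set directly as a single value; the list that used to be built next to
    // this call was never passed to the claims set and has been removed.
    claimsSet.setAudience("bar");
    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).build();
    SignedJWT signedJWT = new SignedJWT(header, claimsSet);
    JWSSigner signer = new RSASSASigner(privateKey);
    signedJWT.sign(signer);
    return signedJWT;
}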
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) ArrayList(java.util.ArrayList) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) Date(java.util.Date)

Aggregations

RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner)37 SignedJWT (com.nimbusds.jwt.SignedJWT)23 JWSHeader (com.nimbusds.jose.JWSHeader)20 JWSSigner (com.nimbusds.jose.JWSSigner)15 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)13 JSONObject (net.minidev.json.JSONObject)10 JWSObject (com.nimbusds.jose.JWSObject)9 Payload (com.nimbusds.jose.Payload)9 PrivateKey (java.security.PrivateKey)6 JOSEException (com.nimbusds.jose.JOSEException)5 ArrayList (java.util.ArrayList)4 HashMap (java.util.HashMap)4 MockResponse (okhttp3.mockwebserver.MockResponse)4 MockWebServer (okhttp3.mockwebserver.MockWebServer)4 Test (org.junit.jupiter.api.Test)4 Authentication (org.springframework.security.core.Authentication)4 JOSEObjectType (com.nimbusds.jose.JOSEObjectType)3 JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm)3 RSASSAVerifier (com.nimbusds.jose.crypto.RSASSAVerifier)3 Date (java.util.Date)3