Example 16 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project perry by ca-cwds.

the class JwtService method sign.

private SignedJWT sign(JWTClaimsSet claimsSet) throws JwtException {
    try {
        JWSSigner signer = new RSASSASigner(keyProvider.getSigningKey());
        SignedJWT signedJWT = new SignedJWT(jwsHeader(), claimsSet);
        signedJWT.sign(signer);
        return signedJWT;
    } catch (Exception e) {
        throw new JwtException(e);
    }
}
Also used : RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSSigner(com.nimbusds.jose.JWSSigner) GeneralSecurityException(java.security.GeneralSecurityException)

Example 17 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project carbon-apimgt by wso2.

the class JWTWithRSASignatureImpl method rsaSignAndSerialize.

/**
 * {@inheritDoc}
 */
@Override
public String rsaSignAndSerialize(RSAPrivateKey rsaPrivateKey, JWTClaimsSet claimsSet) throws APIManagementException {
    if (rsaPrivateKey == null) {
        throw new IllegalArgumentException("The private key must not be null");
    }
    if (claimsSet == null) {
        throw new IllegalArgumentException("The JWTClaimsSet must not be null");
    }
    JWSSigner signer = new RSASSASigner(rsaPrivateKey);
    SignedJWT jwt = new SignedJWT(new JWSHeader(JWSAlgorithm.RS256), claimsSet);
    try {
        jwt.sign(signer);
    } catch (JOSEException e) {
        throw new APIManagementException("Error signing JWT ", e);
    }
    return jwt.serialize();
}
Also used : APIManagementException(org.wso2.carbon.apimgt.core.exception.APIManagementException) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSSigner(com.nimbusds.jose.JWSSigner) JOSEException(com.nimbusds.jose.JOSEException) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 18 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project SEPA by arces-wot.

the class AuthorizationManager method init.

private boolean init(KeyStore keyStore, String keyAlias, String keyPwd) throws KeyStoreException, JOSEException {
    // Load the key from the key store
    RSAKey jwk = RSAKey.load(keyStore, keyAlias, keyPwd.toCharArray());
    // Get the private and public keys to sign and verify
    RSAPrivateKey privateKey;
    RSAPublicKey publicKey;
    privateKey = jwk.toRSAPrivateKey();
    publicKey = jwk.toRSAPublicKey();
    // Create RSA-signer with the private key
    signer = new RSASSASigner(privateKey);
    // Create RSA-verifier with the public key
    verifier = new RSASSAVerifier(publicKey);
    // Serialize the public key to be delivered during registration
    jwkPublicKey = new JsonParser().parse(jwk.toPublicJWK().toJSONString());
    // Set up a JWT processor to parse the tokens and then check their signature
    // and validity time window (bounded by the "iat", "nbf" and "exp" claims)
    jwtProcessor = new DefaultJWTProcessor<SEPASecurityContext>();
    JWKSet jws = new JWKSet(jwk);
    JWKSource<SEPASecurityContext> keySource = new ImmutableJWKSet<SEPASecurityContext>(jws);
    JWSAlgorithm expectedJWSAlg = JWSAlgorithm.RS256;
    JWSKeySelector<SEPASecurityContext> keySelector = new JWSVerificationKeySelector<SEPASecurityContext>(expectedJWSAlg, keySource);
    jwtProcessor.setJWSKeySelector(keySelector);
    return true;
}
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) RSASSAVerifier(com.nimbusds.jose.crypto.RSASSAVerifier) ImmutableJWKSet(com.nimbusds.jose.jwk.source.ImmutableJWKSet) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) JWSVerificationKeySelector(com.nimbusds.jose.proc.JWSVerificationKeySelector) RSAPublicKey(java.security.interfaces.RSAPublicKey) JWKSet(com.nimbusds.jose.jwk.JWKSet) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) JsonParser(com.google.gson.JsonParser)

Example 19 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project java-docs-samples by GoogleCloudPlatform.

the class BuildIapRequest method getSignedJwt.

private static String getSignedJwt(ServiceAccountCredentials credentials, String iapClientId) throws Exception {
    Instant now = Instant.now(clock);
    long expirationTime = now.getEpochSecond() + EXPIRATION_TIME_IN_SECONDS;
    // generate jwt signed by service account
    // header must contain algorithm ("alg") and key ID ("kid")
    JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256)
            .keyID(credentials.getPrivateKeyId())
            .build();
    // set required claims
    JWTClaimsSet claims = new JWTClaimsSet.Builder()
            .audience(OAUTH_TOKEN_URI)
            .issuer(credentials.getClientEmail())
            .subject(credentials.getClientEmail())
            .issueTime(Date.from(now))
            .expirationTime(Date.from(Instant.ofEpochSecond(expirationTime)))
            .claim("target_audience", iapClientId)
            .build();
    // sign using service account private key
    JWSSigner signer = new RSASSASigner(credentials.getPrivateKey());
    SignedJWT signedJwt = new SignedJWT(jwsHeader, claims);
    signedJwt.sign(signer);
    return signedJwt.serialize();
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) Instant(java.time.Instant) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSSigner(com.nimbusds.jose.JWSSigner) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 20 with RSASSASigner

use of com.nimbusds.jose.crypto.RSASSASigner in project registry by hortonworks.

the class TestJWTAuthenticationHandler method getJWT.

protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey) throws Exception {
    JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
            .subject(sub)
            .issueTime(new Date(new Date().getTime()))
            .issuer("https://c2id.com")
            .claim("scope", "openid")
            .audience("bar")
            .expirationTime(expires)
            .build();
    List<String> aud = new ArrayList<String>();
    aud.add("bar");
    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).build();
    SignedJWT signedJWT = new SignedJWT(header, claimsSet);
    JWSSigner signer = new RSASSASigner(privateKey);
    signedJWT.sign(signer);
    return signedJWT;
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) ArrayList(java.util.ArrayList) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) Date(java.util.Date)
