use of com.nimbusds.jose.jwk.gen.RSAKeyGenerator in project cruise-control by linkedin.
the class TokenGenerator method generateToken.
static TokenAndKeys generateToken(String subject, List<String> audience, long expirationTime) throws JOSEException {
RSAKey rsaJwk = new RSAKeyGenerator(2048).keyID("123").generate();
RSAKey rsaPublicJWK = rsaJwk.toPublicJWK();
RSASSASigner signer = new RSASSASigner(rsaJwk);
JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT).build();
JWTClaimsSet.Builder claimsSet = new JWTClaimsSet.Builder().subject(subject).issuer("https://linkedin.com");
if (audience != null) {
claimsSet.audience(audience);
}
if (expirationTime > 0) {
claimsSet.expirationTime(new Date(expirationTime));
} else {
claimsSet.expirationTime(Date.from(Instant.now().plusSeconds(120)));
}
SignedJWT signedJWT = new SignedJWT(header, claimsSet.build());
signedJWT.sign(signer);
return new TokenAndKeys(signedJWT.serialize(), (RSAPrivateKey) signer.getPrivateKey(), rsaPublicJWK.toRSAPublicKey());
}
Aggregations