Search in sources :

Example 46 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project openbanking-aspsp by OpenBankingToolkit.

the class AuthorisationApiController method verifyRequestparameterClaims.

private void verifyRequestparameterClaims(SignedJWT requestParameters) throws OBErrorException {
    JSONObject claims = null;
    try {
        JWTClaimsSet claimSet = requestParameters.getJWTClaimsSet();
        claims = new JSONObject(claimSet.getJSONObjectClaim(OIDCConstants.OIDCClaim.CLAIMS));
    } catch (ParseException pe) {
        log.info("verifyRequestparameterClaims() Could not obtain the {} claim from the request parameter.", OIDCConstants.OIDCClaim.CLAIMS);
        throw new OBErrorException(OBRIErrorType.REQUEST_PARAMETER_JWT_INVALID, "No claims obtainable from the " + "jwt");
    }
    if (!claims.containsKey(OpenBankingConstants.RequestParameterClaim.ID_TOKEN)) {
        throw new OBErrorException(OBRIErrorType.REQUEST_PARAMETER_JWT_INVALID, "No id token claims");
    }
    Map<String, Claim> idTokenClaims = validateIdToken(claims);
    validateUserInfo(claims, idTokenClaims);
}
Also used : JSONObject(com.nimbusds.jose.shaded.json.JSONObject) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) ParseException(java.text.ParseException) Claim(com.forgerock.openbanking.model.claim.Claim)

Example 47 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project terra-external-credentials-manager by DataBiosphere.

the class JwtUtils method buildVisa.

private static GA4GHVisa buildVisa(Jwt visaJwt) {
    JSONObject visaClaims = getJwtClaim(visaJwt, GA4GH_VISA_V1_CLAIM);
    var visaType = visaClaims.get(VISA_TYPE_CLAIM);
    if (visaType == null) {
        throw new InvalidJwtException(String.format("visa missing claim [%s]", VISA_TYPE_CLAIM));
    }
    return new Builder().visaType(visaType.toString()).jwt(visaJwt.getTokenValue()).expires(getJwtExpires(visaJwt)).issuer(visaJwt.getIssuer().toString()).lastValidated(new Timestamp(Instant.now().toEpochMilli())).tokenType(determineTokenType(visaJwt)).build();
}
Also used : JSONObject(com.nimbusds.jose.shaded.json.JSONObject) Builder(bio.terra.externalcreds.models.GA4GHVisa.Builder) Timestamp(java.sql.Timestamp)

Example 48 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project PowerNukkitX by PowerNukkitX.

the class Metrics method createAdvancedChartData.

private static JSONObject createAdvancedChartData(final Callable<Map<String, Integer>> callable) throws Exception {
    JSONObject data = new JSONObject();
    JSONObject values = new JSONObject();
    Map<String, Integer> map = callable.call();
    if (map == null || map.isEmpty()) {
        // Null = skip the chart
        return null;
    }
    boolean allSkipped = true;
    for (Map.Entry<String, Integer> entry : map.entrySet()) {
        if (entry.getValue() == 0) {
            // Skip this invalid
            continue;
        }
        allSkipped = false;
        values.put(entry.getKey(), entry.getValue());
    }
    if (allSkipped) {
        // Null = skip the chart
        return null;
    }
    data.put(VALUES, values);
    return data;
}
Also used : JSONObject(com.nimbusds.jose.shaded.json.JSONObject) Map(java.util.Map)

Example 49 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project PowerNukkitX by PowerNukkitX.

the class Metrics method getServerData.

/**
 * Gets the server specific data.
 *
 * @return The server specific data.
 */
private JSONObject getServerData() {
    // OS specific data
    String osName = System.getProperty("os.name");
    String osArch = System.getProperty("os.arch");
    String osVersion = System.getProperty("os.version");
    int coreCount = Runtime.getRuntime().availableProcessors();
    JSONObject data = new JSONObject();
    data.put("serverUUID", serverUUID);
    data.put("osName", osName);
    data.put("osArch", osArch);
    data.put("osVersion", osVersion);
    data.put("coreCount", coreCount);
    return data;
}
Also used : JSONObject(com.nimbusds.jose.shaded.json.JSONObject)

Example 50 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project Protocol by CloudburstMC.

the class EncryptionUtils method verifyChain.

/**
 * Verify the validity of the login chain data from the {@link com.nukkitx.protocol.bedrock.packet.LoginPacket}
 *
 * @param chain array of JWS objects
 * @return chain validity
 * @throws JOSEException            invalid JWS algorithm used
 * @throws ParseException           invalid JWS object
 * @throws InvalidKeySpecException  invalid EC key provided
 * @throws NoSuchAlgorithmException runtime does not support EC spec
 */
public static boolean verifyChain(JSONArray chain) throws JOSEException, ParseException, InvalidKeySpecException, NoSuchAlgorithmException {
    ECPublicKey lastKey = null;
    boolean validChain = false;
    Iterator<Object> iterator = chain.iterator();
    while (iterator.hasNext()) {
        Object node = iterator.next();
        Preconditions.checkArgument(node instanceof String, "Chain node is not a string");
        JWSObject jwt = JWSObject.parse((String) node);
        // x509 cert is expected in every claim
        URI x5u = jwt.getHeader().getX509CertURL();
        if (x5u == null) {
            return false;
        }
        ECPublicKey expectedKey = EncryptionUtils.generateKey(jwt.getHeader().getX509CertURL().toString());
        // First key is self-signed
        if (lastKey == null) {
            lastKey = expectedKey;
        } else if (!lastKey.equals(expectedKey)) {
            return false;
        }
        if (!verifyJwt(jwt, lastKey)) {
            return false;
        }
        if (validChain) {
            return !iterator.hasNext();
        }
        if (lastKey.equals(EncryptionUtils.MOJANG_PUBLIC_KEY)) {
            validChain = true;
        }
        Object payload = JSONValue.parse(jwt.getPayload().toString());
        Preconditions.checkArgument(payload instanceof JSONObject, "Payload is not a object");
        Object identityPublicKey = ((JSONObject) payload).get("identityPublicKey");
        Preconditions.checkArgument(identityPublicKey instanceof String, "identityPublicKey node is missing in chain");
        lastKey = generateKey((String) identityPublicKey);
    }
    return validChain;
}
Also used : ECPublicKey(java.security.interfaces.ECPublicKey) JSONObject(com.nimbusds.jose.shaded.json.JSONObject) JWSObject(com.nimbusds.jose.JWSObject) JSONObject(com.nimbusds.jose.shaded.json.JSONObject) JWSObject(com.nimbusds.jose.JWSObject) URI(java.net.URI)

Aggregations

JSONObject (com.nimbusds.jose.shaded.json.JSONObject)52 lombok.val (lombok.val)22 Test (org.junit.jupiter.api.Test)21 Secret (io.kidsfirst.core.model.Secret)10 JSONArray (com.nimbusds.jose.shaded.json.JSONArray)9 Map (java.util.Map)5 Slf4j (lombok.extern.slf4j.Slf4j)5 JWSObject (com.nimbusds.jose.JWSObject)4 FenceService (io.kidsfirst.core.service.FenceService)4 SecretService (io.kidsfirst.core.service.SecretService)4 ResponseEntity (org.springframework.http.ResponseEntity)4 JwtAuthenticationToken (org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken)4 org.springframework.web.bind.annotation (org.springframework.web.bind.annotation)4 IOException (java.io.IOException)3 ECPublicKey (java.security.interfaces.ECPublicKey)3 Flux (reactor.core.publisher.Flux)3 Mono (reactor.core.publisher.Mono)3 JsonNode (com.fasterxml.jackson.databind.JsonNode)2 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)2 URI (java.net.URI)2