
Example 66 with JWTClaimsSet

Use of com.nimbusds.jwt.JWTClaimsSet in project tomee by apache.

Class Tokens, method asToken.

public String asToken(final String claims) throws Exception {
    try {
        final JWSHeader header = new JWSHeader.Builder(new JWSAlgorithm("RS" + hashSize, Requirement.OPTIONAL)).type(JOSEObjectType.JWT).build();
        final JWTClaimsSet claimsSet = JWTClaimsSet.parse(claims);
        final SignedJWT jwt = new SignedJWT(header, claimsSet);
        jwt.sign(new RSASSASigner(privateKey));
        return jwt.serialize();
    } catch (Exception e) {
        // Keep the original exception as the cause so signing failures can be diagnosed
        throw new RuntimeException("Could not sign JWT", e);
    }
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 67 with JWTClaimsSet

Use of com.nimbusds.jwt.JWTClaimsSet in project metron by apache.

Class KnoxSSOAuthenticationFilterTest, method doFilterShouldContinueOnInvalidToken.

@Test
public void doFilterShouldContinueOnInvalidToken() throws Exception {
    KnoxSSOAuthenticationFilter knoxSSOAuthenticationFilter = spy(new KnoxSSOAuthenticationFilter("userSearchBase", mock(Path.class), "knoxKeyString", "knoxCookie", mock(LdapTemplate.class)));
    HttpServletRequest request = mock(HttpServletRequest.class);
    ServletResponse response = mock(ServletResponse.class);
    FilterChain chain = mock(FilterChain.class);
    SignedJWT signedJWT = mock(SignedJWT.class);
    JWTClaimsSet jwtClaimsSet = new JWTClaimsSet.Builder().subject("userName").build();
    when(request.getHeader("Authorization")).thenReturn(null);
    doReturn("serializedJWT").when(knoxSSOAuthenticationFilter).getJWTFromCookie(request);
    doReturn(signedJWT).when(knoxSSOAuthenticationFilter).parseJWT(any());
    when(signedJWT.getJWTClaimsSet()).thenReturn(jwtClaimsSet);
    doReturn(false).when(knoxSSOAuthenticationFilter).isValid(signedJWT, "userName");
    knoxSSOAuthenticationFilter.doFilter(request, response, chain);
    verify(knoxSSOAuthenticationFilter, times(0)).getAuthentication("userName", request);
    verify(chain).doFilter(request, response);
    verifyNoMoreInteractions(chain);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletResponse(javax.servlet.ServletResponse) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) FilterChain(javax.servlet.FilterChain) SignedJWT(com.nimbusds.jwt.SignedJWT) Test(org.junit.jupiter.api.Test)

Example 68 with JWTClaimsSet

Use of com.nimbusds.jwt.JWTClaimsSet in project ddf by codice.

Class CustomOidcProfileCreator, method create.

@Override
public Optional<UserProfile> create(OidcCredentials credentials, WebContext context) {
    init();
    final OidcProfile profile = (OidcProfile) getProfileDefinition().newProfile();
    final AccessToken accessToken = credentials.getAccessToken();
    if (accessToken != null && !accessToken.getValue().isEmpty()) {
        profile.setAccessToken(accessToken);
    }
    final RefreshToken refreshToken = credentials.getRefreshToken();
    if (refreshToken != null && !refreshToken.getValue().isEmpty()) {
        profile.setRefreshToken(refreshToken);
        LOGGER.debug("Found refresh token");
    }
    final JWT idToken = credentials.getIdToken();
    profile.setIdTokenString(idToken.getParsedString());
    try {
        JWTClaimsSet claimsSet = idToken.getJWTClaimsSet();
        assertNotNull("claimsSet", claimsSet);
        profile.setId(ProfileHelper.sanitizeIdentifier(profile, claimsSet.getSubject()));
        for (final Map.Entry<String, Object> entry : claimsSet.getClaims().entrySet()) {
            if (!JwtClaims.SUBJECT.equals(entry.getKey()) && profile.getAttribute(entry.getKey()) == null) {
                getProfileDefinition().convertAndAdd(profile, PROFILE_ATTRIBUTE, entry.getKey(), entry.getValue());
            }
        }
        profile.setTokenExpirationAdvance(configuration.getTokenExpirationAdvance());
        return Optional.of(profile);
    } catch (final java.text.ParseException e) {
        throw new AuthenticationException(e);
    }
}
Also used : RefreshToken(com.nimbusds.oauth2.sdk.token.RefreshToken) AuthenticationException(org.apache.shiro.authc.AuthenticationException) AccessToken(com.nimbusds.oauth2.sdk.token.AccessToken) JWT(com.nimbusds.jwt.JWT) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) OidcProfile(org.pac4j.oidc.profile.OidcProfile) WebContext(org.pac4j.core.context.WebContext) Map(java.util.Map)

Example 69 with JWTClaimsSet

Use of com.nimbusds.jwt.JWTClaimsSet in project Payara by payara.

Class AzureSecretsConfigSource, method buildJwt.

private static SignedJWT buildJwt(final String issuer, final String audience, final String thumbprint) {
    Instant now = Instant.now();
    Instant expiry = now.plus(1, ChronoUnit.MINUTES);
    JWTClaimsSet claims = new JWTClaimsSet.Builder().subject(issuer).audience(audience).expirationTime(Date.from(expiry)).issueTime(Date.from(now)).issuer(issuer).build();
    byte[] bytes = DatatypeConverter.parseHexBinary(thumbprint);
    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT).x509CertThumbprint(Base64URL.encode(bytes)).build();
    return new SignedJWT(header, claims);
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) Instant(java.time.Instant) ClientBuilder(javax.ws.rs.client.ClientBuilder) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSHeader(com.nimbusds.jose.JWSHeader)

Aggregations

JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet): 69
SignedJWT (com.nimbusds.jwt.SignedJWT): 44
JWSHeader (com.nimbusds.jose.JWSHeader): 23
Date (java.util.Date): 19
Test (org.junit.Test): 16
RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner): 14
Test (org.junit.jupiter.api.Test): 11
JOSEException (com.nimbusds.jose.JOSEException): 9
ParseException (java.text.ParseException): 9
SecretKey (javax.crypto.SecretKey): 8
JWSSigner (com.nimbusds.jose.JWSSigner): 7
MacAlgorithm (org.springframework.security.oauth2.jose.jws.MacAlgorithm): 7
Instant (java.time.Instant): 6
ArrayList (java.util.ArrayList): 6
Map (java.util.Map): 6
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 6
JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm): 5
MACSigner (com.nimbusds.jose.crypto.MACSigner): 5
BadJOSEException (com.nimbusds.jose.proc.BadJOSEException): 5
JWT (com.nimbusds.jwt.JWT): 5