use of com.nimbusds.jwt.SignedJWT in project hadoop by apache.
the class JWTRedirectAuthenticationHandler method alternateAuthenticate.
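/**
 * Authenticates a request from the serialized JWT returned by
 * {@code getJWTFromCookie}.
 *
 * <p>The client is redirected to the login URL, and {@code null} is returned,
 * when no JWT is found, when it cannot be parsed, when {@code validateToken}
 * rejects it, or when it carries no subject claim. An
 * {@link AuthenticationToken} is issued only after validation succeeded and
 * the subject was read successfully.
 *
 * @param request the incoming HTTP request
 * @param response the HTTP response, used to send the login redirect
 * @return a token for the JWT subject, or {@code null} when a redirect was sent
 * @throws IOException if sending the redirect fails
 * @throws AuthenticationException declared by the overridden method; nothing
 *     in this body throws it directly
 */
@Override
public AuthenticationToken alternateAuthenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, AuthenticationException {
  String serializedJWT = getJWTFromCookie(request);
  if (serializedJWT == null) {
    String loginURL = constructLoginURL(request);
    LOG.info("sending redirect to: " + loginURL);
    response.sendRedirect(loginURL);
    return null;
  }

  // userName stays null unless the token both validates and yields a subject,
  // so a ParseException raised while reading the claims can no longer leave
  // the request marked as valid with no user name.
  String userName = null;
  try {
    SignedJWT jwtToken = SignedJWT.parse(serializedJWT);
    if (validateToken(jwtToken)) {
      userName = jwtToken.getJWTClaimsSet().getSubject();
      if (userName == null) {
        LOG.warn("jwtToken has no subject claim");
      } else {
        LOG.info("USERNAME: " + userName);
      }
    } else {
      // Do not write the serialized token to the log: whatever check it failed
      // here, the same string may still be accepted as a bearer credential by
      // another verifier, and log files are readable by more people than the
      // cookie is.
      LOG.warn("jwtToken failed validation");
    }
  } catch (ParseException pe) {
    // unable to parse the token let's try and get another one
    LOG.warn("Unable to parse the JWT token", pe);
  }

  if (userName == null) {
    String loginURL = constructLoginURL(request);
    LOG.info("token validation failed - sending redirect to: " + loginURL);
    response.sendRedirect(loginURL);
    return null;
  }

  LOG.debug("Issuing AuthenticationToken for user.");
  return new AuthenticationToken(userName, userName, getType());
}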
use of com.nimbusds.jwt.SignedJWT in project hadoop by apache.
the class TestJWTRedirectAuthentictionHandler method testNoPublicKeyJWT.
/**
 * Runs the handler without this test calling {@code setPublicKey} and expects
 * a {@link ServletException} whose message says the public key must be
 * provisioned.
 */
@Test
public void testNoPublicKeyJWT() throws Exception {
  try {
    Properties config = getProperties();
    handler.init(config);

    // Token for "bob" that expires five seconds from now.
    Date expiry = new Date(new Date().getTime() + 5000);
    SignedJWT signed = getJWT("bob", expiry, privateKey);
    Cookie[] cookies = { new Cookie("hadoop-jwt", signed.serialize()) };

    HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
    Mockito.when(req.getCookies()).thenReturn(cookies);
    Mockito.when(req.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));

    HttpServletResponse resp = Mockito.mock(HttpServletResponse.class);
    Mockito.when(resp.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);

    handler.alternateAuthenticate(req, resp);
    fail("alternateAuthentication should have thrown a ServletException");
  } catch (ServletException se) {
    String message = se.getMessage();
    assertTrue(message.contains("Public key for signature validation must be provisioned"));
  } catch (AuthenticationException ae) {
    fail("alternateAuthentication should NOT have thrown a AuthenticationException");
  }
}
use of com.nimbusds.jwt.SignedJWT in project hadoop by apache.
the class TestJWTRedirectAuthentictionHandler method testCustomCookieNameJWT.
/**
 * Configures the handler to read the JWT from a cookie named {@code jowt}
 * and checks that a token delivered under that name authenticates "bob".
 */
@Test
public void testCustomCookieNameJWT() throws Exception {
  try {
    handler.setPublicKey(publicKey);
    Properties config = getProperties();
    // Override the cookie name the handler looks for.
    config.put(JWTRedirectAuthenticationHandler.JWT_COOKIE_NAME, "jowt");
    handler.init(config);

    Date expiry = new Date(new Date().getTime() + 5000);
    SignedJWT signed = getJWT("bob", expiry, privateKey);
    Cookie[] cookies = { new Cookie("jowt", signed.serialize()) };

    HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
    Mockito.when(req.getCookies()).thenReturn(cookies);
    Mockito.when(req.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));

    HttpServletResponse resp = Mockito.mock(HttpServletResponse.class);
    Mockito.when(resp.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);

    AuthenticationToken issued = handler.alternateAuthenticate(req, resp);
    Assert.assertEquals("bob", issued.getUserName());
  } catch (ServletException se) {
    fail("alternateAuthentication should NOT have thrown a ServletException: " + se.getMessage());
  } catch (AuthenticationException ae) {
    fail("alternateAuthentication should NOT have thrown a AuthenticationException");
  }
}
use of com.nimbusds.jwt.SignedJWT in project hadoop by apache.
the class TestJWTRedirectAuthentictionHandler method testValidAudienceJWT.
/**
 * Sets the expected audience list to {@code bar} and checks that the JWT
 * produced by {@code getJWT} still authenticates "bob".
 */
@Test
public void testValidAudienceJWT() throws Exception {
  try {
    handler.setPublicKey(publicKey);
    Properties config = getProperties();
    // Restrict accepted tokens to the "bar" audience.
    config.put(JWTRedirectAuthenticationHandler.EXPECTED_JWT_AUDIENCES, "bar");
    handler.init(config);

    Date expiry = new Date(new Date().getTime() + 5000);
    SignedJWT signed = getJWT("bob", expiry, privateKey);
    Cookie[] cookies = { new Cookie("hadoop-jwt", signed.serialize()) };

    HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
    Mockito.when(req.getCookies()).thenReturn(cookies);
    Mockito.when(req.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));

    HttpServletResponse resp = Mockito.mock(HttpServletResponse.class);
    Mockito.when(resp.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);

    AuthenticationToken issued = handler.alternateAuthenticate(req, resp);
    Assert.assertEquals("bob", issued.getUserName());
  } catch (ServletException se) {
    fail("alternateAuthentication should NOT have thrown a ServletException");
  } catch (AuthenticationException ae) {
    fail("alternateAuthentication should NOT have thrown an AuthenticationException");
  }
}
use of com.nimbusds.jwt.SignedJWT in project hadoop by apache.
the class TestJWTRedirectAuthentictionHandler method testFailedSignatureValidationJWT.
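/**
 * Gives the handler a freshly generated RSA public key that does not belong
 * to the key used to sign the JWT, then checks that the request is redirected
 * to the login location and that no {@link AuthenticationToken} is issued.
 */
@Test
public void testFailedSignatureValidationJWT() throws Exception {
  try {
    // Create a public key that doesn't match the one needed to
    // verify the signature - in order to make it fail verification...
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    kpg.initialize(2048);
    KeyPair kp = kpg.genKeyPair();
    // Named so it does not shadow the publicKey the other tests pass in.
    RSAPublicKey mismatchedKey = (RSAPublicKey) kp.getPublic();
    handler.setPublicKey(mismatchedKey);
    Properties props = getProperties();
    handler.init(props);
    SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), privateKey);
    Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
    Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
    AuthenticationToken token = handler.alternateAuthenticate(request, response);
    Mockito.verify(response).sendRedirect(REDIRECT_LOCATION);
    // The redirect alone does not prove the request was refused: a handler
    // that redirected and still returned a token would pass the check above.
    Assert.assertNull(token);
  } catch (ServletException se) {
    fail("alternateAuthentication should NOT have thrown a ServletException");
  } catch (AuthenticationException ae) {
    fail("alternateAuthentication should NOT have thrown a AuthenticationException");
  }
}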