use of com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload in project orientdb by orientechnologies.
the class OTokenHandlerImpl method getSignedWebToken.
/**
 * Builds a signed web token for {@code user} in the three-part layout
 * {@code base64url(header) . base64url(payload) . base64url(signature)}.
 *
 * <p>The header algorithm is fixed to {@code "HS256"} by this method and the key id is written as
 * an empty string. The signature is produced by {@code signToken} over the encoded
 * {@code header.payload} bytes, captured before the second delimiter is appended.
 *
 * <p>Any exception raised while serializing, encoding or signing is rethrown through
 * {@code OException.wrapException} around an {@code OSystemException}. Failures in
 * {@code createPayload} / {@code getPayloadType} happen outside the try block and propagate
 * unwrapped.
 *
 * @param db database handed to {@code createPayload}
 * @param user user handed to {@code createPayload}
 * @return the complete token bytes, signature segment included
 */
public byte[] getSignedWebToken(final ODatabaseDocument db, final OSecurityUser user) {
  final OrientJwtHeader jwtHeader = new OrientJwtHeader();
  jwtHeader.setAlgorithm("HS256");
  jwtHeader.setKeyId("");
  final OJwtPayload jwtPayload = createPayload(db, user);
  jwtHeader.setType(getPayloadType(jwtPayload));

  final ByteArrayOutputStream out = new ByteArrayOutputStream(1024);
  try {
    final byte[] headerBytes = serializeWebHeader(jwtHeader);
    out.write(
        OBase64Utils.encodeBytesToBytes(headerBytes, 0, headerBytes.length, OBase64Utils.URL_SAFE));
    out.write(JWT_DELIMITER);

    final byte[] payloadBytes = serializeWebPayload(jwtPayload);
    out.write(
        OBase64Utils.encodeBytesToBytes(
            payloadBytes, 0, payloadBytes.length, OBase64Utils.URL_SAFE));

    // Snapshot "header.payload" before the second delimiter: this is the signing input, and it
    // must match the byte range the verifier checks on the parsing side.
    final byte[] signingInput = out.toByteArray();
    out.write(JWT_DELIMITER);

    final byte[] signature = signToken(jwtHeader, signingInput);
    out.write(
        OBase64Utils.encodeBytesToBytes(signature, 0, signature.length, OBase64Utils.URL_SAFE));
  } catch (Exception ex) {
    // NOTE(review): the message says "parsing" although this path creates a token; kept as-is
    // because it is runtime text that callers or logs may match on.
    throw OException.wrapException(new OSystemException("Error on token parsing"), ex);
  }
  return out.toByteArray();
}
use of com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload in project orientdb by orientechnologies.
the class OTokenHandlerImpl method parseWebToken.
/**
 * Splits a {@code <header>.<payload>.<signature>} token, decodes the three segments and returns
 * a {@code JsonWebToken} carrying the result of the signature check.
 *
 * <p>Security notes for callers:
 *
 * <ul>
 *   <li>A token is returned even when the signature does not verify; the outcome is only
 *       recorded through {@code setIsVerified}. Callers must check that flag before trusting
 *       any claim in the payload.
 *   <li>The header and payload are deserialized <em>before</em> the signature is checked, and
 *       the payload deserializer is selected by {@code header.getType()}, i.e. by data taken
 *       from the still-unverified token.
 *   <li>The (unverified) header is also passed to {@code verifyTokenSignature}.
 *       NOTE(review): confirm that the verifier pins the expected algorithm and key rather than
 *       following the header's own values.
 *   <li>No expiry / not-before check is performed in this method.
 * </ul>
 *
 * <p>The signature is verified over the raw bytes {@code [0, secondDelimiter)} of
 * {@code tokenBytes}, i.e. the encoded {@code header.payload} part.
 *
 * @param tokenBytes raw token bytes; dereferenced without a null check
 * @return the parsed token with its verified flag set
 * @throws RuntimeException if fewer than two delimiters are present
 */
@Override
public OToken parseWebToken(byte[] tokenBytes) {
  // Expected layout: <header>.<payload>.<signature>
  int headerEnd = -1;
  int payloadEnd = -1;
  // Only the first two delimiters matter; scanning stops once the second one is found.
  for (int i = 0; i < tokenBytes.length && payloadEnd == -1; i++) {
    if (tokenBytes[i] != JWT_DELIMITER) {
      continue;
    }
    if (headerEnd == -1) {
      headerEnd = i;
    } else {
      payloadEnd = i;
    }
  }
  if (headerEnd == -1) {
    throw new RuntimeException("Token data too short: missed header");
  }
  if (payloadEnd == -1) {
    throw new RuntimeException("Token data too short: missed signature");
  }

  final int payloadStart = headerEnd + 1;
  final int signatureStart = payloadEnd + 1;
  final byte[] rawHeader = OBase64Utils.decode(tokenBytes, 0, headerEnd, OBase64Utils.URL_SAFE);
  final byte[] rawPayload =
      OBase64Utils.decode(
          tokenBytes, payloadStart, payloadEnd - payloadStart, OBase64Utils.URL_SAFE);
  final byte[] rawSignature =
      OBase64Utils.decode(
          tokenBytes, signatureStart, tokenBytes.length - signatureStart, OBase64Utils.URL_SAFE);

  final OrientJwtHeader header = deserializeWebHeader(rawHeader);
  final OJwtPayload payload = deserializeWebPayload(header.getType(), rawPayload);
  final JsonWebToken parsed = new JsonWebToken(header, payload);
  // The flag is the only record of the check: an invalid signature does not abort parsing.
  parsed.setIsVerified(verifyTokenSignature(header, tokenBytes, 0, payloadEnd, rawSignature));
  return parsed;
}
use of com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload in project orientdb by orientechnologies.
the class OTokenHandlerImplTest method testSerializeDeserializeWebPayload.
/**
 * Round-trips an {@code OrientJwtPayload} through {@code serializeWebPayload} and
 * {@code deserializeWebPayload} (payload type "OrientDB") and compares the restored claims
 * with the original ones.
 */
@Test
public void testSerializeDeserializeWebPayload() throws Exception {
  final OrientJwtPayload original = new OrientJwtPayload();
  original.setAudience("audiance");
  original.setExpiry(1L);
  original.setIssuedAt(2L);
  original.setIssuer("orient");
  original.setNotBefore(3L);
  original.setUserName("the subject");
  original.setTokenId("aaa");
  original.setUserRid(new ORecordId(3, 4));

  final OTokenHandlerImpl tokenHandler = new OTokenHandlerImpl();
  final byte[] serialized = tokenHandler.serializeWebPayload(original);
  final OJwtPayload restored = tokenHandler.deserializeWebPayload("OrientDB", serialized);

  assertNotNull(restored);
  assertEquals(original.getAudience(), restored.getAudience());
  assertEquals(original.getExpiry(), restored.getExpiry());
  assertEquals(original.getIssuedAt(), restored.getIssuedAt());
  assertEquals(original.getIssuer(), restored.getIssuer());
  assertEquals(original.getNotBefore(), restored.getNotBefore());
  assertEquals(original.getTokenId(), restored.getTokenId());
  // NOTE(review): the user name and user RID are set above but not compared after the round
  // trip, so a regression in how the identity claims are (de)serialized would pass this test.
}