
Example 1 with OJwtPayload

Use of com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload in project orientdb by orientechnologies.

Class OTokenHandlerImpl, method getSignedWebToken.

public byte[] getSignedWebToken(final ODatabaseDocument db, final OSecurityUser user) {
    final ByteArrayOutputStream tokenByteOS = new ByteArrayOutputStream(1024);
    final OrientJwtHeader header = new OrientJwtHeader();
    header.setAlgorithm("HS256");
    header.setKeyId("");
    final OJwtPayload payload = createPayload(db, user);
    header.setType(getPayloadType(payload));
    try {
        byte[] bytes = serializeWebHeader(header);
        tokenByteOS.write(OBase64Utils.encodeBytesToBytes(bytes, 0, bytes.length, OBase64Utils.URL_SAFE));
        tokenByteOS.write(JWT_DELIMITER);
        bytes = serializeWebPayload(payload);
        tokenByteOS.write(OBase64Utils.encodeBytesToBytes(bytes, 0, bytes.length, OBase64Utils.URL_SAFE));
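        // Signing input: base64url(header) + delimiter + base64url(payload), captured before the second delimiter is written
        byte[] unsignedToken = tokenByteOS.toByteArray();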
        tokenByteOS.write(JWT_DELIMITER);
        bytes = signToken(header, unsignedToken);
        tokenByteOS.write(OBase64Utils.encodeBytesToBytes(bytes, 0, bytes.length, OBase64Utils.URL_SAFE));
    } catch (Exception ex) {
        throw OException.wrapException(new OSystemException("Error on token parsing"), ex);
    }
    return tokenByteOS.toByteArray();
}
Also used: OSystemException (com.orientechnologies.common.exception.OSystemException), OJwtPayload (com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload), OException (com.orientechnologies.common.exception.OException), OTokenException (com.orientechnologies.orient.core.metadata.security.OTokenException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)

Example 2 with OJwtPayload

Use of com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload in project orientdb by orientechnologies.

Class OTokenHandlerImpl, method parseWebToken.

@Override
public OToken parseWebToken(byte[] tokenBytes) {
    JsonWebToken token = null;
    // Token layout: <header>.<payload>.<signature>
    int firstDot = -1, secondDot = -1;
    for (int x = 0; x < tokenBytes.length; x++) {
        if (tokenBytes[x] == JWT_DELIMITER) {
            if (firstDot == -1)
                // stores reference to first '.' character in JWT token
                firstDot = x;
            else {
                secondDot = x;
                break;
            }
        }
    }
    if (firstDot == -1)
        throw new RuntimeException("Token data too short: missed header");
    if (secondDot == -1)
        throw new RuntimeException("Token data too short: missed signature");
    final byte[] decodedHeader = OBase64Utils.decode(tokenBytes, 0, firstDot, OBase64Utils.URL_SAFE);
    final byte[] decodedPayload = OBase64Utils.decode(tokenBytes, firstDot + 1, secondDot - (firstDot + 1), OBase64Utils.URL_SAFE);
    final byte[] decodedSignature = OBase64Utils.decode(tokenBytes, secondDot + 1, tokenBytes.length - (secondDot + 1), OBase64Utils.URL_SAFE);
    final OrientJwtHeader header = deserializeWebHeader(decodedHeader);
    final OJwtPayload deserializeWebPayload = deserializeWebPayload(header.getType(), decodedPayload);
    token = new JsonWebToken(header, deserializeWebPayload);
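    // The signature check result is recorded on the token rather than enforced here;
    // callers must check the verified flag before trusting the payload.
    token.setIsVerified(verifyTokenSignature(header, tokenBytes, 0, secondDot, decodedSignature));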
    return token;
}
Also used: OJwtPayload (com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload)

Example 3 with OJwtPayload

Use of com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload in project orientdb by orientechnologies.

Class OTokenHandlerImplTest, method testSerializeDeserializeWebPayload.

@Test
public void testSerializeDeserializeWebPayload() throws Exception {
    OrientJwtPayload payload = new OrientJwtPayload();
    String ptype = "OrientDB";
    payload.setAudience("audiance");
    payload.setExpiry(1L);
    payload.setIssuedAt(2L);
    payload.setIssuer("orient");
    payload.setNotBefore(3L);
    payload.setUserName("the subject");
    payload.setTokenId("aaa");
    payload.setUserRid(new ORecordId(3, 4));
    OTokenHandlerImpl handler = new OTokenHandlerImpl();
    byte[] payloadbytes = handler.serializeWebPayload(payload);
    OJwtPayload des = handler.deserializeWebPayload(ptype, payloadbytes);
    assertNotNull(des);
    assertEquals(payload.getAudience(), des.getAudience());
    assertEquals(payload.getExpiry(), des.getExpiry());
    assertEquals(payload.getIssuedAt(), des.getIssuedAt());
    assertEquals(payload.getIssuer(), des.getIssuer());
    assertEquals(payload.getNotBefore(), des.getNotBefore());
    assertEquals(payload.getTokenId(), des.getTokenId());
}
Also used: OJwtPayload (com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload), ORecordId (com.orientechnologies.orient.core.id.ORecordId), Test (org.junit.Test)

Aggregations

OJwtPayload (com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload): 3
OException (com.orientechnologies.common.exception.OException): 1
OSystemException (com.orientechnologies.common.exception.OSystemException): 1
ORecordId (com.orientechnologies.orient.core.id.ORecordId): 1
OTokenException (com.orientechnologies.orient.core.metadata.security.OTokenException): 1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 1
Test (org.junit.Test): 1