
Example 1 with AuthTokenKey

use of com.zimbra.cs.account.AuthTokenKey in project zm-mailbox by Zimbra.

the class JWTBasedAuthTest method testGetJWToken.

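/**
 * Round-trips a JWT: signs one for a test account with the current auth-token key plus a salt,
 * parses it back with {@code ZimbraJWToken.getJWToken}, and checks the recovered claims.
 */
@Test
public void testGetJWToken() {
    try {
        Account acct = Provisioning.getInstance().get(Key.AccountBy.name, "test@zimbra.com");
        String salt = "s1";
        // The signing salt is the last entry of the list handed to the parser.
        // Presumably getJWToken has to pick the matching salt out of the list -- confirm
        // against ZimbraJWToken.
        String salts = "s2|s3|s1";
        AuthTokenKey atkey = AuthTokenUtil.getCurrentKey();
        // Signing key = key bytes followed by the salt bytes. getBytes() uses the platform
        // default charset.
        byte[] jwtKey = Bytes.concat(atkey.getKey(), salt.getBytes());
        long issuedAt = System.currentTimeMillis();
        long expires = issuedAt + 3600000;
        AuthTokenProperties properties = new AuthTokenProperties(acct, true, null, expires, AuthMech.zimbra, Usage.AUTH);
        String jwt = JWTUtil.generateJWT(jwtKey, salt, issuedAt, properties, atkey.getVersion());
        AuthToken at = ZimbraJWToken.getJWToken(jwt, salts);
        Assert.assertEquals(acct.getId(), at.getAccountId());
        Assert.assertEquals(Usage.AUTH, at.getUsage());
        // Compared at one-second granularity; presumably the token stores expiry in seconds.
        Assert.assertEquals(expires / 1000, at.getExpires() / 1000);
        Assert.assertEquals(AuthMech.zimbra, at.getAuthMech());
        // NOTE(review): the second AuthTokenProperties argument is true above, yet the parsed
        // token must not be an admin token. Presumably that flag only takes effect when the
        // account itself is an admin -- confirm, since this assertion is what pins it.
        Assert.assertFalse(at.isAdmin());
    } catch (ServiceException | AuthTokenException e) {
        // Name this test (the old message named a different one) and keep the cause attached
        // so the failure report shows why token generation or parsing failed.
        throw new AssertionError("testGetJWToken failed", e);
    }
}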
Also used : Account(com.zimbra.cs.account.Account) ServiceException(com.zimbra.common.service.ServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) AuthTokenProperties(com.zimbra.cs.account.AuthTokenProperties) AuthTokenException(com.zimbra.cs.account.AuthTokenException) AuthToken(com.zimbra.cs.account.AuthToken) AuthTokenKey(com.zimbra.cs.account.AuthTokenKey) Test(org.junit.Test)

Example 2 with AuthTokenKey

use of com.zimbra.cs.account.AuthTokenKey in project zm-mailbox by Zimbra.

the class JWEUtil method getDecodedJWE.

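/**
 * Decrypts and decodes a token in the {@code <keyVersion>_<encryptedData>} form that
 * {@code getJWE} produces, returning its key/value pairs.
 *
 * <p>NOTE(review): if {@code jwe} can be supplied by a client, every part of it is untrusted
 * input. Whether {@code DataSource.decryptData} verifies integrity is not visible here; unless
 * it does, the returned map must not be relied on for authorization decisions.
 *
 * @param jwe the encoded token; may be null or empty
 * @return the decoded map, or {@code null} when {@code jwe} is null or empty
 * @throws ServiceException PARSE_ERROR when the token does not have exactly two
 *         {@code _}-separated parts or names an unknown key version; FAILURE when the decrypted
 *         payload cannot be decoded
 */
public static Map<String, String> getDecodedJWE(String jwe) throws ServiceException {
    if (StringUtils.isEmpty(jwe)) {
        return null;
    }
    String[] jweArr = jwe.split("_");
    if (jweArr.length != 2) {
        throw ServiceException.PARSE_ERROR("invalid jwe format", null);
    }
    // The key version is taken from the token itself. Guard against a lookup that yields no
    // key (assumed to be signalled by null -- confirm against AuthTokenKey.getVersion) so that
    // a bad version becomes a parse error instead of a NullPointerException.
    AuthTokenKey key = AuthTokenKey.getVersion(jweArr[0]);
    if (key == null) {
        throw ServiceException.PARSE_ERROR("unknown jwe key version", null);
    }
    // NOTE(review): new String(byte[]) decodes the key with the platform default charset. If
    // the key is arbitrary binary this is lossy and platform dependent. It has to match what
    // getJWE does, and changing it would invalidate existing tokens, so it is flagged here
    // rather than changed.
    String data = DataSource.decryptData(new String(key.getKey()), jweArr[1]);
    try {
        Map<?, ?> map = BlobMetaData.decode(data);
        // The casts assume every decoded key and value is a String.
        return map.entrySet().stream().collect(Collectors.toMap(e -> (String) e.getKey(), e -> (String) e.getValue()));
    } catch (BlobMetaDataEncodingException e) {
        throw ServiceException.FAILURE("failed to get decoded jwe", e);
    }
}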
Also used : BlobMetaDataEncodingException(com.zimbra.common.util.BlobMetaDataEncodingException) AuthTokenKey(com.zimbra.cs.account.AuthTokenKey)

Example 3 with AuthTokenKey

use of com.zimbra.cs.account.AuthTokenKey in project zm-mailbox by Zimbra.

the class JWEUtil method getJWE.

/**
 * Encodes the entries of {@code map} with {@code BlobMetaData}, encrypts the result under the
 * current auth-token key, and returns {@code <keyVersion>_<encryptedData>}.
 *
 * @param map the values to protect; may be null
 * @return the encoded token, or {@code null} when {@code map} is null
 * @throws ServiceException declared by the signature; the throwing call is not identifiable
 *         from this method alone
 */
public static String getJWE(Map<String, String> map) throws ServiceException {
    if (map == null) {
        return null;
    }
    AuthTokenKey currentKey = AuthTokenKey.getCurrentKey();
    StringBuilder encoded = new StringBuilder(64);
    for (Map.Entry<String, String> entry : map.entrySet()) {
        BlobMetaData.encodeMetaData(entry.getKey(), entry.getValue(), encoded);
    }
    // The version prefix is stored in the clear; getDecodedJWE reads it to look up the key.
    String versionPrefix = currentKey.getVersion() + "_";
    // NOTE(review): the key bytes are turned into a String with the platform default charset
    // before being handed to encryptData. If the key is arbitrary binary, that conversion is
    // lossy and platform dependent -- confirm what encryptData expects.
    String secret = new String(currentKey.getKey());
    return versionPrefix + DataSource.encryptData(secret, encoded.toString());
}
Also used : AuthTokenKey(com.zimbra.cs.account.AuthTokenKey)

Example 4 with AuthTokenKey

use of com.zimbra.cs.account.AuthTokenKey in project zm-mailbox by Zimbra.

the class JWTBasedAuthTest method generateJWT.

/**
 * Test helper: builds a one-hour AUTH-usage JWT for {@code acct}, signed with the current
 * auth-token key concatenated with {@code salt}.
 *
 * @param acct account the token is issued for
 * @param salt salt appended to the key bytes and also passed to {@code JWTUtil.generateJWT}
 * @return the encoded JWT
 */
private String generateJWT(Account acct, String salt) throws AuthFailedServiceException, AuthTokenException {
    AuthTokenKey currentKey = AuthTokenUtil.getCurrentKey();
    // Signing key = key bytes followed by the salt bytes (platform default charset).
    byte[] signingKey = Bytes.concat(currentKey.getKey(), salt.getBytes());
    long nowMillis = System.currentTimeMillis();
    // One hour of validity, in milliseconds.
    long expiresMillis = nowMillis + 60L * 60L * 1000L;
    AuthTokenProperties props = new AuthTokenProperties(acct, false, null, expiresMillis, null, Usage.AUTH);
    return JWTUtil.generateJWT(signingKey, salt, nowMillis, props, currentKey.getVersion());
}
Also used : AuthTokenProperties(com.zimbra.cs.account.AuthTokenProperties) AuthTokenKey(com.zimbra.cs.account.AuthTokenKey)

Aggregations

AuthTokenKey (com.zimbra.cs.account.AuthTokenKey)4 AuthTokenProperties (com.zimbra.cs.account.AuthTokenProperties)2 ServiceException (com.zimbra.common.service.ServiceException)1 BlobMetaDataEncodingException (com.zimbra.common.util.BlobMetaDataEncodingException)1 Account (com.zimbra.cs.account.Account)1 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)1 AuthToken (com.zimbra.cs.account.AuthToken)1 AuthTokenException (com.zimbra.cs.account.AuthTokenException)1 Test (org.junit.Test)1