use of io.gravitee.am.common.exception.jwt.SignatureException in project gravitee-access-management by gravitee-io.
the class DefaultJWTBuilder method sign.
/**
 * Serializes the given claims as a signed JWT in compact form.
 *
 * <p>The configured {@code issuer} is added as the {@code iss} claim only when it is non-null
 * and the payload does not already carry one. The token is built with the configured
 * {@code header} and signed with the configured {@code signer}.
 *
 * <p>NOTE(review): both failure paths and the generic catch log the whole claims payload.
 * If claims can carry personal data, consider logging a non-sensitive identifier instead;
 * confirm against the project's logging policy.
 *
 * @param payload the claims to sign
 * @return the compact serialization of the signed token
 * @throws MalformedJWTException if the claims cannot be parsed into a claims set
 * @throws SignatureException if the signing operation fails
 */
@Override
public String sign(JWT payload) {
    try {
        JSONObject claims = new JSONObject(payload);
        if (issuer != null) {
            // A caller-supplied iss claim wins over the configured default.
            if (!claims.containsKey(Claims.iss)) {
                claims.put(Claims.iss, issuer);
            }
        }

        JWTClaimsSet claimsSet = JWTClaimsSet.parse(claims);
        SignedJWT token = new SignedJWT(header, claimsSet);
        token.sign(signer);
        return token.serialize();
    } catch (ParseException parseFailure) {
        logger.debug("Signing JWT token: {} has failed", payload);
        throw new MalformedJWTException("Signing JWT token has failed", parseFailure);
    } catch (JOSEException signingFailure) {
        logger.debug("Signing JWT token: {} has failed", payload);
        throw new SignatureException("Signing JWT token has failed", signingFailure);
    } catch (Exception unexpected) {
        // Anything else is logged with its stack trace and propagated unchanged.
        logger.error("An error occurs while signing JWT token : {}", payload, unexpected);
        throw unexpected;
    }
}
use of io.gravitee.am.common.exception.jwt.SignatureException in project gravitee-access-management by gravitee-io.
the class DefaultJWTParser method parse.
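/**
 * Parses a compact-serialized signed JWT, verifies its signature and checks its validity window.
 *
 * <p>Steps, in order: the string is parsed as a signed JWT, the signature is checked with the
 * configured {@code verifier}, and only then are the {@code exp} and {@code nbf} claims
 * evaluated against the current instant using {@code allowedClockSkewMillis}.
 *
 * <p>The raw token is deliberately kept out of every log statement. A token that reaches this
 * method is a bearer credential: one rejected for {@code nbf} becomes usable later, and the
 * generic failure path can be reached with a token that is otherwise valid, so writing it to
 * logs would expose it to anyone who can read them.
 *
 * @param payload the compact serialization of the token
 * @return the claims of the verified token
 * @throws MalformedJWTException if the string cannot be parsed as a signed JWT
 * @throws SignatureException if signature verification fails or raises a JOSE error
 * @throws ExpiredJWTException if an {@code ExpiredJWTException} is raised while checking the
 *     token (presumably by {@code evaluateExp})
 * @throws PrematureJWTException if a {@code PrematureJWTException} is raised while checking
 *     the token (presumably by {@code evaluateNbf})
 */
@Override
public JWT parse(String payload) {
    try {
        // verify format
        SignedJWT signedJWT = SignedJWT.parse(payload);
        // verify signature before any claim is read or trusted
        boolean verified = signedJWT.verify(verifier);
        if (!verified) {
            // Raised here so the JOSEException handler below maps it to SignatureException.
            throw new JOSEException("The signature was not verified");
        }
        // NOTE(review): Collectors.toMap rejects null values, so a claim whose value is JSON
        // null would surface as a NullPointerException through the generic catch below.
        // Confirm whether that is the intended outcome for such tokens.
        Map<String, Object> claims = signedJWT.getPayload().toJSONObject().entrySet().stream()
                .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
        JWT jwt = new JWT(claims);
        // verify exp and nbf values
        // https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-30#section-4.1.4
        // token MUST NOT be accepted on or after any specified exp time
        Instant now = Instant.now();
        evaluateExp(jwt.getExp(), now, this.allowedClockSkewMillis);
        // https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-30#section-4.1.5
        // token MUST NOT be accepted before any specified nbf time
        evaluateNbf(jwt.getNbf(), now, this.allowedClockSkewMillis);
        return jwt;
    } catch (ParseException ex) {
        logger.debug("JWT token is malformed");
        throw new MalformedJWTException("Token is malformed", ex);
    } catch (ExpiredJWTException ex) {
        logger.debug("JWT token is expired");
        throw new ExpiredJWTException("Token is expired", ex);
    } catch (PrematureJWTException ex) {
        logger.debug("JWT token must not be accepted (nbf)");
        throw new PrematureJWTException("Token must not be accepted (nbf)", ex);
    } catch (JOSEException ex) {
        logger.debug("Verifying JWT token signature has failed");
        throw new SignatureException("Token's signature is invalid", ex);
    } catch (Exception ex) {
        // Keep the stack trace for diagnosis, but not the token itself.
        logger.error("An error occurs while parsing JWT token", ex);
        throw ex;
    }
}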