use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.
the class AccountEndpointHandler method getUser.
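/**
 * Resolves the account that belongs to the token stored in the routing context and
 * exposes it to downstream handlers under {@code ConstantKeys.USER_CONTEXT_KEY}.
 *
 * <p>The lookup key is the token's {@code sub} claim, not a request parameter, so the
 * caller cannot choose which account is loaded.
 *
 * <p>Outcomes: a found user continues the route; a lookup error fails the route with that
 * error; an empty result fails the route with {@link UserNotFoundException}.
 *
 * @param routingContext the current request context; must already hold the parsed token
 */
public void getUser(RoutingContext routingContext) {
    // NOTE(review): assumes an earlier handler validated the token and stored it under
    // TOKEN_CONTEXT_KEY; a missing entry would surface here as a NullPointerException.
    JWT token = routingContext.get(ConstantKeys.TOKEN_CONTEXT_KEY);
    final String userId = token.getSub();

    accountService.get(userId).subscribe(
            user -> {
                routingContext.put(ConstantKeys.USER_CONTEXT_KEY, user);
                routingContext.next();
            },
            error -> {
                // Pass the throwable to the logger so the root cause is kept in the log;
                // the original call logged only the subject.
                LOGGER.error("Unable to retrieve user for Id {}", userId, error);
                routingContext.fail(error);
            },
            () -> routingContext.fail(new UserNotFoundException(userId)));
}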
use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.
the class CertificateProviderManagerTest method noneAlgorithmCertificateProvider_nominalCase.
/**
 * Checks the compact serialization produced by the provider built from {@code noneProvider()}.
 *
 * <p>The expected header segment is the base64url form of {@code {"alg":"none"}} and the
 * third segment (after the last dot) is empty: the token carries no signature and therefore
 * no integrity protection. Consumers of such tokens have nothing to verify.
 */
@Test
public void noneAlgorithmCertificateProvider_nominalCase() {
    final CertificateProvider provider = certificateProviderManager.create(noneProvider());

    // Minimal claim set: issuer and subject only.
    final JWT claims = new JWT();
    claims.setIss("iss");
    claims.setSub("sub");

    final String compactToken = provider.getJwtBuilder().sign(claims);

    assertEquals("non matching jwt with none algorithm", "eyJhbGciOiJub25lIn0.eyJzdWIiOiJzdWIiLCJpc3MiOiJpc3MifQ.", compactToken);
}
use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.
the class CertificateProviderManagerTest method defaultCertificateProvider_nominalCase.
/**
 * Checks the compact serialization produced by the provider built from {@code defaultProvider()}.
 *
 * <p>The expected header segment decodes to a {@code kid} of {@code default-gravitee-AM-key},
 * {@code typ} {@code JWT} and {@code alg} {@code HS256}. The signature segment is a constant,
 * so the HMAC key used by this provider is fixed for the test.
 */
@Test
public void defaultCertificateProvider_nominalCase() {
    final CertificateProvider provider = certificateProviderManager.create(defaultProvider());

    // Minimal claim set: issuer and subject only.
    final JWT claims = new JWT();
    claims.setIss("iss");
    claims.setSub("sub");

    // NOTE(review): a reproducible signature implies a well-known default secret; presumably
    // deployments are expected to replace it. Confirm against the provider configuration.
    final String compactToken = provider.getJwtBuilder().sign(claims);

    assertEquals("non matching jwt with default certificateProvider", "eyJraWQiOiJkZWZhdWx0LWdyYXZpdGVlLUFNLWtleSIsInR5cCI6IkpXVCIsImFsZyI6IkhTMjU2In0.eyJzdWIiOiJzdWIiLCJpc3MiOiJpc3MifQ.Ti366cJSMVSnvFW1wHYFMdc63zTdIpa42O6AOTWyGKk", compactToken);
}
use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.
the class CustomLogoutSuccessHandler method determineTargetUrl.
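/**
 * Determines the post-logout redirect target and, as a side effect, writes a logout audit
 * entry derived from the authentication cookie.
 *
 * <p>If the request carries a non-empty {@code LOGOUT_URL_PARAMETER}, that parameter name is
 * registered as the target-URL parameter before delegating to the parent implementation.
 *
 * <p>Auditing is best effort: any failure while reading or parsing the cookie is logged and
 * does not affect the returned URL.
 *
 * @param request  the logout request
 * @param response the logout response
 * @return the URL computed by the parent handler
 */
@Override
protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response) {
    // NOTE(review): the redirect target comes from a request parameter. Unless it is checked
    // against an allow-list somewhere not visible here, this is an open-redirect risk.
    // NOTE(review): setTargetUrlParameter changes the handler's own configuration, not just
    // this request; presumably the handler instance is shared between requests. Confirm.
    String logoutRedirectUrl = request.getParameter(LOGOUT_URL_PARAMETER);
    if (logoutRedirectUrl != null && !logoutRedirectUrl.isEmpty()) {
        setTargetUrlParameter(LOGOUT_URL_PARAMETER);
    }

    // getCookies() returns null when the request has no cookies; without this guard a
    // cookie-less logout request would fail with a NullPointerException.
    final Cookie[] cookies = request.getCookies();
    final Optional<Cookie> authCookie = cookies == null
            ? Optional.<Cookie>empty()
            : Stream.of(cookies).filter(c -> authCookieName.equals(c.getName())).findFirst();

    authCookie.ifPresent(cookie -> {
        try {
            // The cookie value is expected to be "Bearer <jwt>"; a shorter value throws and
            // is handled by the catch below.
            final String jwtStr = cookie.getValue().substring("Bearer ".length());
            // NOTE(review): the claims below are trusted for auditing; presumably
            // jwtParser.parse verifies the signature before returning. Confirm.
            final JWT jwt = jwtParser.parse(jwtStr);
            final String organizationId = (String) jwt.get("org");
            WebAuthenticationDetails details = new WebAuthenticationDetails(request);

            // Read the user profile to report the same information as the login step.
            // If the read fails, audit with only the data available in the cookie.
            // The error branch is passed to subscribe() so the failure is consumed here
            // instead of also reaching the reactive library's unhandled-error hook.
            userService.findById(ReferenceType.ORGANIZATION, organizationId, jwt.getSub())
                    .subscribe(
                            user -> auditService.report(AuditBuilder.builder(LogoutAuditBuilder.class)
                                    .user(user)
                                    .referenceType(ReferenceType.ORGANIZATION)
                                    .referenceId(organizationId)
                                    .ipAddress(details.getRemoteAddress())
                                    .userAgent(details.getUserAgent())),
                            err -> {
                                logger.warn("Unable to read user information, trace logout with minimal data", err);
                                auditService.report(AuditBuilder.builder(LogoutAuditBuilder.class)
                                        .principal(new EndUserAuthentication(jwt.get("username"), null, new SimpleAuthenticationContext()))
                                        .referenceType(ReferenceType.ORGANIZATION)
                                        .referenceId(organizationId)
                                        .ipAddress(details.getRemoteAddress())
                                        .userAgent(details.getUserAgent()));
                            });
        } catch (Exception e) {
            logger.warn("Unable to extract information from authentication cookie", e);
        }
    });

    return super.determineTargetUrl(request, response);
}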
use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.
the class JWTGenerator method generateToken.
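/**
 * Builds and signs a token for the given user.
 *
 * <p>Claims written: a random {@code jti}, {@code iat} set to the current time, {@code sub}
 * set to the user id, {@code exp} taken from {@code expirationDate}, the preferred username,
 * and the user's additional information.
 *
 * @param user           the user the token is issued for
 * @param expirationDate the instant at which the token expires
 * @return the signed compact token, or {@code null} if building or signing failed
 */
private String generateToken(final User user, Date expirationDate) {
    try {
        JWT jwt = new JWT();

        // Copy the free-form profile attributes first. The original copied them last, so an
        // attribute named like a registered claim (for example "sub" or "exp") could replace
        // the value set by this method; this assumes the setters write into the same claim
        // map that put/putAll use. A null attribute map is treated as "no extra claims".
        if (user.getAdditionalInformation() != null) {
            jwt.putAll(user.getAdditionalInformation());
        }

        jwt.setJti(SecureRandomString.generate());
        jwt.setIat(Instant.now().getEpochSecond());
        jwt.setSub(user.getId());
        jwt.setExp(expirationDate.toInstant().getEpochSecond());
        jwt.put(StandardClaims.PREFERRED_USERNAME, user.getUsername());

        return jwtBuilder.sign(jwt);
    } catch (Exception ex) {
        // Callers receive null on failure; the cause is kept in the log.
        LOGGER.error("An error occurs while creating JWT token", ex);
        return null;
    }
}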