Examples with JwtException io.helidon.security.jwt.JwtException used on opensource projects

Example 1 with JwtException

use of io.helidon.security.jwt.JwtException in project helidon by oracle.

the class JwkEC method signatureAlgorithm.

@Override
String signatureAlgorithm() {
    String jwkAlg = algorithm();
    String javaAlg = ALG_MAP.get(jwkAlg);
    if (null == javaAlg) {
        throw new JwtException("Unsupported algorithm for Elliptic curve: " + jwkAlg);
    }
    return javaAlg;
}

Example 2 with JwtException

use of io.helidon.security.jwt.JwtException in project helidon by oracle.

the class JwkOctet method doSign.

@Override
public byte[] doSign(byte[] bytesToSign) {
    String alg = getSignatureAlgorithm();
    if (ALG_NONE.equals(alg)) {
        return EMPTY_BYTES;
    }
    Mac mac = JwtUtil.getMac(alg);
    SecretKeySpec secretKey = new SecretKeySpec(keyBytes, alg);
    try {
        mac.init(secretKey);
    } catch (InvalidKeyException e) {
        throw new JwtException("Failed to init Mac for algorithm: " + alg, e);
    }
    return mac.doFinal(bytesToSign);
}

Example 3 with JwtException

use of io.helidon.security.jwt.JwtException in project helidon by oracle.

the class JwkPki method doSign.

@Override
public byte[] doSign(byte[] bytesToSign) {
    String alg = signatureAlgorithm();
    if (ALG_NONE.equals(alg)) {
        return EMPTY_BYTES;
    }
    Signature signature = JwtUtil.getSignature(alg);
    try {
        PrivateKey privateKey = this.privateKey.orElseThrow(() -> new JwtException("To sign data, private key MUST be present"));
        signature.initSign(privateKey);
        signature.update(bytesToSign);
        return signature.sign();
    } catch (Exception e) {
        throw new JwtException("Failed to sign data", e);
    }
}

Example 4 with JwtException

use of io.helidon.security.jwt.JwtException in project helidon by oracle.

the class JwtProvider method impersonate.

private OutboundSecurityResponse impersonate(JwtOutboundTarget ot, String username) {
    Map<String, List<String>> headers = new HashMap<>();
    Jwk jwk = signKeys.forKeyId(ot.jwkKid).orElseThrow(() -> new JwtException("Signing JWK with kid: " + ot.jwkKid + " is not defined."));
    Jwt.Builder builder = Jwt.builder();
    builder.addPayloadClaim("name", username);
    builder.subject(username).preferredUsername(username).issuer(issuer).algorithm(jwk.algorithm());
    ot.update(builder);
    Jwt jwt = builder.build();
    SignedJwt signed = SignedJwt.sign(jwt, jwk);
    ot.outboundHandler.header(headers, signed.tokenContent());
    return OutboundSecurityResponse.withHeaders(headers);
}

Example 5 with JwtException

use of io.helidon.security.jwt.JwtException in project helidon by oracle.

the class JwkEC method changeSignatureEncodingToDER.

private boolean changeSignatureEncodingToDER(byte[] signedBytes, byte[] signatureToVerify) {
    String alg = signatureAlgorithm();
    if (ALG_NONE.equals(alg)) {
        return verifyNoneAlg(signatureToVerify);
    }
    byte[] rBytes = Arrays.copyOfRange(signatureToVerify, 0, 32);
    byte[] sBytes = Arrays.copyOfRange(signatureToVerify, 32, 64);
    BigInteger r = new BigInteger(1, rBytes);
    BigInteger s = new BigInteger(1, sBytes);
    byte[] rb = r.toByteArray();
    byte[] sb = s.toByteArray();
    byte[] signatureDerBytes;
    try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream()) {
        int length = 1 + calculateBodyLength(rb.length) + rb.length + 1 + calculateBodyLength(sb.length) + sb.length;
        outputStream.write(16 | 32);
        writeLength(outputStream, length);
        outputStream.write(2);
        writeLength(outputStream, rb.length);
        outputStream.write(rb);
        outputStream.write(2);
        writeLength(outputStream, sb.length);
        outputStream.write(sb);
        signatureDerBytes = outputStream.toByteArray();
    } catch (IOException e) {
        throw new JwtException("Signature encoding conversion to DER has failed.", e);
    }
    return super.doVerify(signedBytes, signatureDerBytes);
}