
Example 1 with SignatureAlgorithm

use of io.hops.hopsworks.jwt.SignatureAlgorithm in project hopsworks by logicalclocks.

the class ElasticJWTController method createTokenForELK.

/**
 * Builds a signed JWT for the ELK integration, scoped to a single project.
 *
 * <p>The claims carry the supplied role, the project name after it has passed through
 * {@code ElasticUtils.getProjectNameWithNoSpecialCharacters}, and the project inode id
 * when one is present. The expiry is "now" plus {@code settings.getElasicJwtExpMs()}.
 *
 * @param project name of the project the token is issued for
 * @param projectInodeId inode id of the project; added as a claim only when present
 * @param userRole value stored under {@code Constants.ROLES}
 * @return the token returned by {@code jwtController.createTokenForELK}
 * @throws ElasticException with {@code JWT_NOT_CREATED} when the controller fails with a
 *         duplicate-key, missing-key or unknown-algorithm error
 */
private String createTokenForELK(String project, Optional<Long> projectInodeId, String userRole) throws ElasticException {
    // NOTE(review): the algorithm name comes from settings and is resolved outside the try
    // block, so a name that valueOf rejects is not translated into ElasticException - confirm
    // that this is intended.
    SignatureAlgorithm signatureAlg = SignatureAlgorithm.valueOf(settings.getJWTSignatureAlg());
    Date expiry = new Date(System.currentTimeMillis() + settings.getElasicJwtExpMs());
    try {
        Map<String, Object> elkClaims = new HashMap<>();
        // NOTE(review): userRole is written into the token as given; this method does not
        // check it against the user's actual roles - presumably the caller does, verify.
        elkClaims.put(Constants.ROLES, userRole);
        elkClaims.put(Constants.ELK_VALID_PROJECT_NAME, ElasticUtils.getProjectNameWithNoSpecialCharacters(project));
        projectInodeId.ifPresent(inodeId -> elkClaims.put(Constants.ELK_PROJECT_INODE_ID, inodeId));
        return jwtController.createTokenForELK(project, settings.getJWTIssuer(), elkClaims, expiry, signatureAlg);
    } catch (DuplicateSigningKeyException | NoSuchAlgorithmException | SigningKeyNotFoundException e) {
        // The original exception is kept as the cause so the signing failure stays traceable.
        throw new ElasticException(RESTCodes.ElasticErrorCode.JWT_NOT_CREATED, Level.SEVERE, "Failed to create jwt token for elk", e.getMessage(), e);
    }
}
Also used : ElasticException(io.hops.hopsworks.exceptions.ElasticException) DuplicateSigningKeyException(io.hops.hopsworks.jwt.exception.DuplicateSigningKeyException) HashMap(java.util.HashMap) SigningKeyNotFoundException(io.hops.hopsworks.jwt.exception.SigningKeyNotFoundException) SignatureAlgorithm(io.hops.hopsworks.jwt.SignatureAlgorithm) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Date(java.util.Date)

Example 2 with SignatureAlgorithm

use of io.hops.hopsworks.jwt.SignatureAlgorithm in project hopsworks by logicalclocks.

the class JWTHelper method createToken.

/**
 * Creates a JWT signed with a newly created signing key. Fails if the keyName already exists.
 *
 * <p>The request must carry a non-empty key name, at least one audience and a non-empty
 * subject; otherwise no token is created and {@code null} is returned. The not-before and
 * expiry dates are taken from the request when set, and default to "now" and
 * "now + settings.getJWTLifetimeMs()" respectively. The role claim is always
 * {@code "HOPS_USER"}.
 *
 * @param jWTRequestDTO token request (key name, audiences, subject, optional nbf, expiry,
 *        expiry leeway and renewable flag)
 * @param issuer issuer passed on to the controller
 * @return the token together with its expiry, not-before date and expiry leeway, or
 *         {@code null} when the request is missing a required field
 * @throws NoSuchAlgorithmException
 * @throws SigningKeyNotFoundException
 * @throws DuplicateSigningKeyException
 */
public JWTResponseDTO createToken(JWTRequestDTO jWTRequestDTO, String issuer) throws NoSuchAlgorithmException, SigningKeyNotFoundException, DuplicateSigningKeyException {
    // Guard clauses: reject an incomplete request before any key or token is created.
    if (jWTRequestDTO == null) {
        return null;
    }
    String keyName = jWTRequestDTO.getKeyName();
    if (keyName == null || keyName.isEmpty()) {
        return null;
    }
    String[] audiences = jWTRequestDTO.getAudiences();
    if (audiences == null || audiences.length == 0) {
        return null;
    }
    String subject = jWTRequestDTO.getSubject();
    if (subject == null || subject.isEmpty()) {
        return null;
    }

    // NOTE(review): nbf and expiry are accepted from the request as-is; no upper bound on the
    // lifetime and no nbf-before-expiry check is visible here - confirm they are enforced
    // elsewhere (controller or REST layer).
    Date now = new Date();
    Date notBefore = jWTRequestDTO.getNbf();
    if (notBefore == null) {
        notBefore = now;
    }
    Date expiry = jWTRequestDTO.getExpiresAt();
    if (expiry == null) {
        expiry = new Date(now.getTime() + settings.getJWTLifetimeMs());
    }

    SignatureAlgorithm signatureAlg = SignatureAlgorithm.valueOf(settings.getJWTSignatureAlg());
    // Open question from the original author: which role should users that are not in the
    // system get? For now every such token carries the fixed role below.
    String[] fixedRoles = { "HOPS_USER" };
    int leeway = jwtController.getExpLeewayOrDefault(jWTRequestDTO.getExpLeeway());

    Map<String, Object> tokenClaims = new HashMap<>(3);
    tokenClaims.put(RENEWABLE, jWTRequestDTO.isRenewable());
    tokenClaims.put(EXPIRY_LEEWAY, leeway);
    tokenClaims.put(ROLES, fixedRoles);

    // The literal true is the second controller argument (named createNewKey in
    // createOneTimeToken), matching the "new signing key" contract above.
    String signedToken = jwtController.createToken(keyName, true, issuer, audiences, expiry, notBefore, subject, tokenClaims, signatureAlg);
    return new JWTResponseDTO(signedToken, expiry, notBefore, leeway);
}
Also used : HashMap(java.util.HashMap) SignatureAlgorithm(io.hops.hopsworks.jwt.SignatureAlgorithm) Date(java.util.Date)

Example 3 with SignatureAlgorithm

use of io.hops.hopsworks.jwt.SignatureAlgorithm in project hopsworks by logicalclocks.

the class JWTHelper method createToken.

/**
 * Creates a new JWT for the given user that can be used for the specified audience.
 *
 * <p>The token is signed with the key named by {@code settings.getJWTSigningKeyName()}
 * (no new key is requested), its subject is the user's username and its not-before date is
 * the moment of the call. The user's roles are looked up through {@code userController}
 * and handed to {@code jwtController.addDefaultClaimsIfMissing} together with the claims.
 *
 * @param user user the token is issued to
 * @param audience audiences the token is valid for
 * @param issuer issuer passed on to the controller
 * @param expiresAt expiry date of the token; passed through unchanged
 * @param claims caller-supplied claims; defaults are added by the controller if missing
 * @return the signed token
 * @throws NoSuchAlgorithmException
 * @throws SigningKeyNotFoundException
 * @throws DuplicateSigningKeyException
 */
public String createToken(Users user, String[] audience, String issuer, Date expiresAt, Map<String, Object> claims) throws NoSuchAlgorithmException, SigningKeyNotFoundException, DuplicateSigningKeyException {
    SignatureAlgorithm signatureAlg = SignatureAlgorithm.valueOf(settings.getJWTSignatureAlg());
    String[] userRoles = userController.getUserRoles(user).toArray(new String[0]);
    // NOTE(review): presumably caller-supplied claims win over the defaults ("IfMissing"), so
    // a caller-provided roles claim may take precedence over userRoles - verify in the
    // controller.
    Map<String, Object> effectiveClaims = jwtController.addDefaultClaimsIfMissing(claims, true, settings.getJWTExpLeewaySec(), userRoles);
    String signingKeyName = settings.getJWTSigningKeyName();
    Date notBefore = new Date();
    String subject = user.getUsername();
    return jwtController.createToken(signingKeyName, false, issuer, audience, expiresAt, notBefore, subject, effectiveClaims, signatureAlg);
}
Also used : SignatureAlgorithm(io.hops.hopsworks.jwt.SignatureAlgorithm) Date(java.util.Date)

Example 4 with SignatureAlgorithm

use of io.hops.hopsworks.jwt.SignatureAlgorithm in project hopsworks by logicalclocks.

the class JWTHelper method createOneTimeToken.

/**
 * Creates a token for the given user with the algorithm named by
 * {@code Constants.ONE_TIME_JWT_SIGNATURE_ALGORITHM} instead of the one configured in settings.
 *
 * <p>NOTE(review): nothing in this method makes the token single-use; presumably that is
 * enforced where the token is validated or through the lifetime of the signing key - confirm.
 *
 * @param user user the token is issued to; the username becomes the subject
 * @param roles roles handed to {@code jwtController.addDefaultClaimsIfMissing}
 * @param issuer issuer passed on to the controller
 * @param audience audiences the token is valid for
 * @param notBefore not-before date; passed through unchanged
 * @param expiresAt expiry date; passed through unchanged
 * @param keyName name of the signing key
 * @param claims caller-supplied claims; defaults are added by the controller if missing
 * @param createNewKey passed to the controller to select between a new and an existing key
 * @return the signed token
 * @throws NoSuchAlgorithmException
 * @throws SigningKeyNotFoundException
 * @throws DuplicateSigningKeyException
 */
public String createOneTimeToken(Users user, String[] roles, String issuer, String[] audience, Date notBefore, Date expiresAt, String keyName, Map<String, Object> claims, boolean createNewKey) throws NoSuchAlgorithmException, SigningKeyNotFoundException, DuplicateSigningKeyException {
    SignatureAlgorithm oneTimeAlg = SignatureAlgorithm.valueOf(Constants.ONE_TIME_JWT_SIGNATURE_ALGORITHM);
    // The false/0 arguments look like "not renewable" and "no expiry leeway" (the other
    // createToken passes true and settings.getJWTExpLeewaySec() here) - TODO confirm.
    Map<String, Object> effectiveClaims = jwtController.addDefaultClaimsIfMissing(claims, false, 0, roles);
    String subject = user.getUsername();
    return jwtController.createToken(keyName, createNewKey, issuer, audience, expiresAt, notBefore, subject, effectiveClaims, oneTimeAlg);
}
Also used : SignatureAlgorithm(io.hops.hopsworks.jwt.SignatureAlgorithm)

Aggregations

SignatureAlgorithm (io.hops.hopsworks.jwt.SignatureAlgorithm)4 Date (java.util.Date)3 HashMap (java.util.HashMap)2 ElasticException (io.hops.hopsworks.exceptions.ElasticException)1 DuplicateSigningKeyException (io.hops.hopsworks.jwt.exception.DuplicateSigningKeyException)1 SigningKeyNotFoundException (io.hops.hopsworks.jwt.exception.SigningKeyNotFoundException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1