use of io.jsonwebtoken.IncorrectClaimException in project ma-core-public by infiniteautomation.
the class MangoTokenAuthenticationProvider method authenticate.
/**
 * Authenticates a bearer credential as a signed JWT.
 *
 * <p>Outcomes, as implemented below:
 * <ul>
 *   <li>{@code null} ("no decision") when the request is not a
 *       {@code BearerAuthenticationToken}, or when the credential cannot be read as a JWT
 *       at all, so that the next {@code AuthenticationProvider} may process it;</li>
 *   <li>{@code CredentialsExpiredException} for an expired token;</li>
 *   <li>{@code BadCredentialsException} for a bad signature, a missing or incorrect claim,
 *       or an unknown user;</li>
 *   <li>{@code InternalAuthenticationServiceException} for any other failure while parsing
 *       or verifying.</li>
 * </ul>
 *
 * @param authentication the authentication request; only bearer tokens are handled here
 * @return a {@code PreAuthenticatedAuthenticationToken} carrying the resolved user, the raw
 *         bearer token as credentials and the user's authorities, or {@code null} when this
 *         provider cannot decide
 * @throws AuthenticationException when the token is recognised as a JWT but is rejected
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    final boolean isBearer = authentication instanceof BearerAuthenticationToken;
    if (!isBearer) {
        return null;
    }

    String rawToken = (String) authentication.getCredentials();
    Jws<Claims> parsed;
    User principal;

    // The order of the catch clauses is significant: the specific JWT failures are mapped
    // first and the broad catch (Exception) stays last, so nothing escapes unmapped.
    try {
        parsed = tokenAuthenticationService.parse(rawToken);
        principal = tokenAuthenticationService.verify(parsed);
    } catch (ExpiredJwtException expired) {
        throw new CredentialsExpiredException(expired.getMessage(), expired);
    } catch (UnsupportedJwtException | MalformedJwtException | IllegalArgumentException notJwt) {
        // assume that this is not a JWT, allow the next AuthenticationProvider to process it
        // NOTE(review): an IllegalArgumentException raised inside verify() would also land
        // here and be treated as "not a JWT" -- confirm verify() cannot throw it.
        return null;
    } catch (SignatureException | MissingClaimException | IncorrectClaimException rejected) {
        // NOTE(review): the library message is reused as the exception message -- confirm it
        // is not echoed verbatim to the client.
        throw new BadCredentialsException(rejected.getMessage(), rejected);
    } catch (NotFoundException unknownUser) {
        throw new BadCredentialsException("Invalid username", unknownUser);
    } catch (Exception unexpected) {
        throw new InternalAuthenticationServiceException(unexpected.getMessage(), unexpected);
    }

    // Deliberately outside the try block: whatever the checker throws propagates unchanged
    // instead of being remapped by the catch clauses above.
    userDetailsChecker.check(principal);

    if (log.isDebugEnabled()) {
        // Logs the decoded header and claims only; the raw bearer token is not written.
        String detail = "Successfully authenticated user using JWT token, header: " + parsed.getHeader()
                + ", body: " + parsed.getBody();
        log.debug(detail);
    }

    return new PreAuthenticatedAuthenticationToken(principal, rawToken, principal.getAuthorities());
}
use of io.jsonwebtoken.IncorrectClaimException in project jjwt by jwtk.
the class DefaultJwtParser method validateExpectedClaims.
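/**
 * Checks every claim registered in {@code expectedClaims} against the parsed token.
 *
 * <p>The check fails closed: the method returns normally only when each expected claim is
 * present in {@code claims} and equal to the expected value. The first claim that is missing
 * or different aborts validation with an exception that carries the claim name and the
 * expected value.
 *
 * <p>The exception messages embed the expected and the actual claim values, so they are
 * diagnostic text rather than client-facing output.
 *
 * @param header the header of the token being validated, attached to any exception thrown
 * @param claims the claims of the token being validated
 * @throws MissingClaimException   if an expected claim is absent from {@code claims}
 * @throws IncorrectClaimException if an expected claim is present with a different value, or
 *                                 an expected {@code Date} claim cannot be converted to a Date
 */
private void validateExpectedClaims(Header header, Claims claims) {
    for (String expectedClaimName : expectedClaims.keySet()) {
        // Both sides go through normalize(...) before they are compared.
        Object expectedClaimValue = normalize(expectedClaims.get(expectedClaimName));
        Object actualClaimValue = normalize(claims.get(expectedClaimName));

        if (expectedClaimValue instanceof Date) {
            // A Date expectation is compared against the claim converted to a Date.
            try {
                actualClaimValue = claims.get(expectedClaimName, Date.class);
            } catch (Exception e) {
                String msg = "JWT Claim '" + expectedClaimName + "' was expected to be a Date, but its value "
                        + "cannot be converted to a Date using current heuristics. Value: " + actualClaimValue;
                // Keep the conversion failure as the cause and record which claim failed, so
                // this path reports the same details as the missing/incorrect paths below.
                IncorrectClaimException notADate = new IncorrectClaimException(header, claims, msg, e);
                notADate.setClaimName(expectedClaimName);
                notADate.setClaimValue(expectedClaimValue);
                throw notADate;
            }
        }

        final InvalidClaimException invalidClaimException;
        if (actualClaimValue == null) {
            String msg = String.format(ClaimJwtException.MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE,
                    expectedClaimName, expectedClaimValue);
            invalidClaimException = new MissingClaimException(header, claims, msg);
        } else if (!expectedClaimValue.equals(actualClaimValue)) {
            String msg = String.format(ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE,
                    expectedClaimName, expectedClaimValue, actualClaimValue);
            invalidClaimException = new IncorrectClaimException(header, claims, msg);
        } else {
            // Claim present and equal: move on to the next expectation.
            continue;
        }

        invalidClaimException.setClaimName(expectedClaimName);
        invalidClaimException.setClaimValue(expectedClaimValue);
        throw invalidClaimException;
    }
}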
use of io.jsonwebtoken.IncorrectClaimException in project ma-core-public by infiniteautomation.
the class JwtSignerVerifier method verifyClaim.
/**
 * Verifies that a single claim of a parsed token has the expected value.
 *
 * <p>The check fails closed: the method returns normally only when the claim is present and
 * {@code expectedClaimValue.equals(actual)} holds. The comparison is a plain {@code equals}
 * on the claim object as returned by {@code Claims.get}; no type conversion is applied here.
 *
 * @param token              the parsed token whose claims are inspected
 * @param expectedClaimName  name of the claim to look up
 * @param expectedClaimValue required value; it is dereferenced for the comparison, so it must
 *                           not be {@code null}
 * @throws MissingClaimException   if the claim is absent
 * @throws IncorrectClaimException if the claim is present but not equal to the expected value
 */
protected void verifyClaim(Jws<Claims> token, String expectedClaimName, Object expectedClaimValue) {
    final JwsHeader<?> jwsHeader = token.getHeader();
    final Claims body = token.getBody();
    final Object found = body.get(expectedClaimName);

    if (found == null) {
        throw new MissingClaimException(jwsHeader, body,
                String.format(ClaimJwtException.MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE,
                        expectedClaimName, expectedClaimValue));
    }

    // NOTE(review): a numeric claim decoded as one boxed type will not equal an expected value
    // of another (e.g. Integer vs Long); that mismatch is rejected -- confirm callers pass the
    // type the parser produces.
    if (!expectedClaimValue.equals(found)) {
        throw new IncorrectClaimException(jwsHeader, body,
                String.format(ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE,
                        expectedClaimName, expectedClaimValue, found));
    }
}
Aggregations