use of io.vertx.ext.auth.jwt.JWTAuthOptions in project vertx-auth by vert-x3.
the class AuthJWTExamples method example7.
public void example7(Vertx vertx, String username, String password) {
JWTAuthOptions config = new JWTAuthOptions().setKeyStore(new KeyStoreOptions().setPath("keystore.jceks").setPassword("secret"));
JWTAuth provider = JWTAuth.create(vertx, config);
// on the verify endpoint once you verify the identity of the user by its username/password
if ("paulo".equals(username) && "super_secret".equals(password)) {
String token = provider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions());
// now for any request to protected resources you should pass this string in the HTTP header Authorization as:
// Authorization: Bearer <token>
}
}
use of io.vertx.ext.auth.jwt.JWTAuthOptions in project vertx-zero by silentbalanceyh.
the class UxJwt method generate.
static String generate(final JsonObject claims, final JWTOptions options, final Function<String, Buffer> funcBuffer) {
final JsonObject opts = readOptions();
final JWTAuthOptions meta = Fn.get(new JWTAuthOptions(), () -> new JWTAuthOptions(opts), opts);
return Fn.get(() -> {
final JsonObject _claims = claims.copy();
if (options.getPermissions() != null && !_claims.containsKey(meta.getPermissionsClaimKey())) {
_claims.put(meta.getPermissionsClaimKey(), new JsonArray(options.getPermissions()));
}
final JWT reference = create(meta, funcBuffer);
return reference.sign(_claims, options);
}, meta, claims);
}
use of io.vertx.ext.auth.jwt.JWTAuthOptions in project vertx-auth by vert-x3.
the class JWTAuthProviderTest method testGenerateNewTokenForceAlgorithm.
@Test
public void testGenerateNewTokenForceAlgorithm() {
authProvider = JWTAuth.create(vertx, new JWTAuthOptions().setKeyStore(new KeyStoreOptions().setPath("gce.jks").setType("jks").setPassword("notasecret")));
String token = authProvider.generateToken(new JsonObject(), new JWTOptions().setAlgorithm("RS256"));
assertNotNull(token);
// reverse
JsonObject authInfo = new JsonObject().put("jwt", token);
authProvider.authenticate(authInfo, onSuccess(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
use of io.vertx.ext.auth.jwt.JWTAuthOptions in project vertx-auth by vert-x3.
the class JWTAuthProviderTest method testAlgNone.
@Test
public void testAlgNone() {
JWTAuth authProvider = JWTAuth.create(vertx, new JWTAuthOptions());
JsonObject payload = new JsonObject().put("sub", "UserUnderTest").put("aud", "OrganizationUnderTest").put("iat", 1431695313).put("exp", 1747055313).put("roles", new JsonArray().add("admin").add("developer").add("user")).put("permissions", new JsonArray().add("read").add("write").add("execute"));
final String token = authProvider.generateToken(payload, new JWTOptions().setSubject("UserUnderTest").setAlgorithm("none"));
assertNotNull(token);
JsonObject authInfo = new JsonObject().put("jwt", token);
authProvider.authenticate(authInfo, onSuccess(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
use of io.vertx.ext.auth.jwt.JWTAuthOptions in project vertx-auth by vert-x3.
the class JWTAuthProviderTest method testValidateTokenWithInvalidMacSecret.
@Test
public void testValidateTokenWithInvalidMacSecret() {
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MDE3ODUyMDZ9.08K_rROcCmKTF1cKfPCli2GQFYIOP8dePxeS1SE4dc8";
authProvider = JWTAuth.create(vertx, new JWTAuthOptions().addSecret(new SecretOptions().setType("HS256").setSecret("a bad secret")));
JsonObject authInfo = new JsonObject().put("jwt", token);
authProvider.authenticate(authInfo, onFailure(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
Aggregations