Examples with JweDecryptionOutput org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput used on opensource projects

Search in sources :

Example 11 with JweDecryptionOutput

use of org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput in project cxf by apache.

the class JWTTokenProviderTest method testCreateSignedEncryptedJWT.

@org.junit.Test
public void testCreateSignedEncryptedJWT() throws Exception {
    TokenProvider jwtTokenProvider = new JWTTokenProvider();
    TokenProviderParameters providerParameters = createProviderParameters();
    providerParameters.setEncryptToken(true);
    assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
    TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
    assertTrue(providerResponse != null);
    assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
    String token = (String) providerResponse.getToken();
    assertNotNull(token);
    assertTrue(token.split("\\.").length == 5);
    if (unrestrictedPoliciesInstalled) {
        // Validate the token
        JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
        Properties decProperties = new Properties();
        Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
        KeyStore keystore = ((Merlin) decryptionCrypto).getKeyStore();
        decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
        decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
        decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
        JweDecryptionProvider decProvider = JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders());
        JweDecryptionOutput decOutput = decProvider.decrypt(token);
        String decToken = decOutput.getContentText();
        JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
        JwtToken jwt = jwtJwsConsumer.getJwtToken();
        Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
        Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
        Assert.assertEquals(providerResponse.getCreated().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
        Assert.assertEquals(providerResponse.getExpires().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
    }
}
Also used : StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) SignatureProperties(org.apache.cxf.sts.SignatureProperties) Properties(java.util.Properties) KeyStore(java.security.KeyStore) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) Crypto(org.apache.wss4j.common.crypto.Crypto) JweDecryptionOutput(org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput) JweDecryptionProvider(org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) JweJwtCompactConsumer(org.apache.cxf.rs.security.jose.jwe.JweJwtCompactConsumer) Merlin(org.apache.wss4j.common.crypto.Merlin) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)

Example 12 with JweDecryptionOutput

use of org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput in project cxf by apache.

the class JWTTokenProviderTest method testCreateUnsignedEncryptedJWT.

@org.junit.Test
public void testCreateUnsignedEncryptedJWT() throws Exception {
    TokenProvider jwtTokenProvider = new JWTTokenProvider();
    ((JWTTokenProvider) jwtTokenProvider).setSignToken(false);
    TokenProviderParameters providerParameters = createProviderParameters();
    providerParameters.setEncryptToken(true);
    assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
    TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
    assertTrue(providerResponse != null);
    assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
    String token = (String) providerResponse.getToken();
    assertNotNull(token);
    assertTrue(token.split("\\.").length == 5);
    if (unrestrictedPoliciesInstalled) {
        // Validate the token
        JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
        Properties decProperties = new Properties();
        Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
        KeyStore keystore = ((Merlin) decryptionCrypto).getKeyStore();
        decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
        decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
        decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
        JweDecryptionProvider decProvider = JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders());
        JweDecryptionOutput decOutput = decProvider.decrypt(token);
        String decToken = decOutput.getContentText();
        JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
        JwtToken jwt = jwtJwsConsumer.getJwtToken();
        Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
        Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
        Assert.assertEquals(providerResponse.getCreated().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
        Assert.assertEquals(providerResponse.getExpires().getEpochSecond(), jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
    }
}
Also used : StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) EncryptionProperties(org.apache.cxf.sts.service.EncryptionProperties) SignatureProperties(org.apache.cxf.sts.SignatureProperties) Properties(java.util.Properties) KeyStore(java.security.KeyStore) JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) Crypto(org.apache.wss4j.common.crypto.Crypto) JweDecryptionOutput(org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput) JweDecryptionProvider(org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) JweJwtCompactConsumer(org.apache.cxf.rs.security.jose.jwe.JweJwtCompactConsumer) Merlin(org.apache.wss4j.common.crypto.Merlin) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)

Aggregations

JweDecryptionOutput (org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput)12 JweDecryptionProvider (org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider)7 ByteArrayInputStream (java.io.ByteArrayInputStream)4 Properties (java.util.Properties)4 JweJwtCompactConsumer (org.apache.cxf.rs.security.jose.jwe.JweJwtCompactConsumer)4 JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)4 KeyStore (java.security.KeyStore)3 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)3 SignatureProperties (org.apache.cxf.sts.SignatureProperties)3 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)3 EncryptionProperties (org.apache.cxf.sts.service.EncryptionProperties)3 JWTTokenProvider (org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)3 Crypto (org.apache.wss4j.common.crypto.Crypto)3 Merlin (org.apache.wss4j.common.crypto.Merlin)3 JweCompactConsumer (org.apache.cxf.rs.security.jose.jwe.JweCompactConsumer)2 JweException (org.apache.cxf.rs.security.jose.jwe.JweException)2 Message (org.apache.cxf.message.Message)1 ContentAlgorithm (org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm)1 JweHeaders (org.apache.cxf.rs.security.jose.jwe.JweHeaders)1 JweJsonConsumer (org.apache.cxf.rs.security.jose.jwe.JweJsonConsumer)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial