use of org.apache.cxf.rs.security.jose.jwt.JwtClaims in project cxf by apache.
the class JwsCompactReaderWriterTest method testWriteReadJwsUnsigned.
/**
 * Round-trips a JWT through the compact JWS serialization using the "none" algorithm.
 *
 * <p>The header is created with {@code SignatureAlgorithm.NONE}, and the test asserts that
 * the decoded signature part is empty and that the parsed token equals the headers and
 * claims that were written. A token with an empty signature has no integrity protection,
 * so this test covers serialization only; it says nothing about authenticating a token.
 */
@Test
public void testWriteReadJwsUnsigned() throws Exception {
    // Claims to serialize.
    JwtClaims expectedClaims = new JwtClaims();
    expectedClaims.setIssuer("https://jwt-idp.example.com");
    expectedClaims.setSubject("mailto:mike@example.com");
    expectedClaims.setAudiences(Collections.singletonList("https://jwt-rp.example.net"));
    expectedClaims.setNotBefore(1300815780L);
    expectedClaims.setExpiryTime(1300819380L);
    expectedClaims.setClaim("http://claims.example.com/member", true);

    // Header declaring an unsigned JWT.
    JwsHeaders expectedHeaders = new JwsHeaders(JoseType.JWT);
    expectedHeaders.setSignatureAlgorithm(SignatureAlgorithm.NONE);

    JwsCompactProducer producer = new JwsJwtCompactProducer(expectedHeaders, expectedClaims);
    String compactJws = producer.getSignedEncodedJws();

    JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(compactJws);
    // With "none" the third compact part must decode to zero bytes.
    assertEquals(0, consumer.getDecodedSignature().length);

    JwtToken parsed = consumer.getJwtToken();
    assertEquals(new JwtToken(expectedHeaders, expectedClaims), parsed);
}
use of org.apache.cxf.rs.security.jose.jwt.JwtClaims in project cxf by apache.
the class JwsCompactReaderWriterTest method testNoneSignature.
/**
 * Produces a JWS with the "none" signature provider and reads it back.
 *
 * <p>Verification succeeds here because a {@code NoneJwsSignatureVerifier} is passed in
 * explicitly; the test shows the none provider and verifier are symmetric, not that the
 * token is authentic. A relying party that expects signed tokens needs a verifier bound
 * to a real key instead.
 */
@Test
public void testNoneSignature() throws Exception {
    JwtClaims original = new JwtClaims();
    original.setClaim("a", "b");

    JwsJwtCompactProducer jwsProducer = new JwsJwtCompactProducer(original);
    jwsProducer.signWith(new NoneJwsSignatureProvider());
    String compactJws = jwsProducer.getSignedEncodedJws();

    JwsJwtCompactConsumer jwsConsumer = new JwsJwtCompactConsumer(compactJws);
    boolean accepted = jwsConsumer.verifySignatureWith(new NoneJwsSignatureVerifier());
    assertTrue(accepted);

    // The claims must come back unchanged.
    JwtClaims roundTripped = jwsConsumer.getJwtClaims();
    assertEquals(original, roundTripped);
}
use of org.apache.cxf.rs.security.jose.jwt.JwtClaims in project cxf by apache.
the class JwtRequestCodeGrant method getRequest.
/**
 * Packs this grant's request parameters into a JWT and returns the result of
 * {@code joseProducer.processJwt}.
 *
 * <p>The parameters come from {@code super.toMap()}; each one becomes a claim of the same
 * name, and {@code issuer} is set as the issuer claim when it is not null.
 *
 * @return the string produced by {@code joseProducer.processJwt} for the request token
 */
public String getRequest() {
    MultivaluedMap<String, String> params = super.toMap();
    JwtClaims requestClaims = new JwtClaims();
    if (issuer != null) {
        requestClaims.setIssuer(issuer);
    }
    // Only the first value of a multi-valued parameter is copied.
    // NOTE(review): this loop runs after setIssuer, so a parameter whose name matches the
    // issuer claim would presumably replace the configured issuer -- confirm toMap() cannot
    // contain such a key.
    for (String paramName : params.keySet()) {
        requestClaims.setClaim(paramName, params.getFirst(paramName));
    }
    JwtToken requestToken = new JwtToken(requestClaims);
    // NOTE(review): clientSecret is handed to the producer; presumably it keys the signature
    // and/or encryption of the request -- confirm which protection is actually configured.
    return joseProducer.processJwt(requestToken, clientSecret);
}
use of org.apache.cxf.rs.security.jose.jwt.JwtClaims in project cxf by apache.
the class JwtTokenUtils method createAccessTokenFromJwt.
/**
 * Builds a {@link BearerAccessToken} from the claims of a JOSE-protected JWT access token.
 *
 * <p>The token is parsed with {@code consumer.getJwtToken(jose)} and its claims are copied
 * onto the access token: client, issued-at time and lifetime (expiry minus issued-at),
 * audiences, issuer, scopes, subject, grant type, grant code, code verifier, nonce and
 * extra properties.
 *
 * <p>This method performs no validation of its own: the client lookup result is not
 * null-checked, the lifetime is not range-checked and no claim is compared against an
 * expected value. Whatever checks apply must happen in {@code consumer} or in the caller.
 *
 * @param consumer       parses the serialized token into a JWT
 * @param jose           the serialized token; also stored as the access token key
 * @param clientProvider resolves the client named by the client id claim
 * @param claimsMap      passed to {@code getClaimName} to resolve the client id and
 *                       username claim names
 * @return the populated access token
 */
public static ServerAccessToken createAccessTokenFromJwt(JoseJwtConsumer consumer, String jose,
        ClientRegistrationProvider clientProvider, Map<String, String> claimsMap) {
    // NOTE(review): every value below is taken from the token as parsed; signature and
    // expiry checks are presumably done inside consumer.getJwtToken -- confirm the consumer
    // is configured to require a signature.
    JwtClaims claims = consumer.getJwtToken(jose).getClaims();

    // 'client_id' or 'cid', default client_id
    String clientIdClaim =
        JwtTokenUtils.getClaimName(OAuthConstants.CLIENT_ID, OAuthConstants.CLIENT_ID, claimsMap);
    String clientId = claims.getStringProperty(clientIdClaim);
    Client client = clientProvider.getClient(clientId);

    long issuedAt = claims.getIssuedAt();
    long expiresAt = claims.getExpiryTime();
    long lifetime = expiresAt - issuedAt;
    BearerAccessToken accessToken = new BearerAccessToken(client, jose, lifetime, issuedAt);

    List<String> audiences = claims.getAudiences();
    boolean hasAudiences = audiences != null && !audiences.isEmpty();
    if (hasAudiences) {
        accessToken.setAudiences(claims.getAudiences());
    }

    String issuer = claims.getIssuer();
    if (issuer != null) {
        accessToken.setIssuer(issuer);
    }

    Object scopeClaim = claims.getClaim(OAuthConstants.SCOPE);
    if (scopeClaim != null) {
        // The scope claim is either one space-delimited string or a list.
        String[] scopeNames;
        if (scopeClaim instanceof String) {
            scopeNames = scopeClaim.toString().split(" ");
        } else {
            scopeNames = CastUtils.cast((List<?>) scopeClaim).toArray(new String[] {});
        }
        List<OAuthPermission> permissions = new LinkedList<OAuthPermission>();
        for (String scopeName : scopeNames) {
            if (StringUtils.isEmpty(scopeName)) {
                continue;
            }
            permissions.add(new OAuthPermission(scopeName.trim()));
        }
        accessToken.setScopes(permissions);
    }

    // The username claim takes precedence as the login name; the subject claim then
    // becomes the id. Without a username the subject claim is used as the login name.
    final String usernameProp = "username";
    String usernameClaim = JwtTokenUtils.getClaimName(usernameProp, usernameProp, claimsMap);
    String username = claims.getStringProperty(usernameClaim);
    String subject = claims.getSubject();
    if (username == null) {
        if (subject != null) {
            accessToken.setSubject(new UserSubject(subject));
        }
    } else {
        UserSubject userSubject = new UserSubject(username);
        if (subject != null) {
            userSubject.setId(subject);
        }
        accessToken.setSubject(userSubject);
    }

    String grantType = claims.getStringProperty(OAuthConstants.GRANT_TYPE);
    if (grantType != null) {
        accessToken.setGrantType(grantType);
    }

    String grantCode = claims.getStringProperty(OAuthConstants.AUTHORIZATION_CODE_GRANT);
    if (grantCode != null) {
        accessToken.setGrantCode(grantCode);
    }

    String codeVerifier = claims.getStringProperty(OAuthConstants.AUTHORIZATION_CODE_VERIFIER);
    if (codeVerifier != null) {
        accessToken.setClientCodeVerifier(codeVerifier);
    }

    String nonce = claims.getStringProperty(OAuthConstants.NONCE);
    if (nonce != null) {
        accessToken.setNonce(nonce);
    }

    Map<String, String> extraProperties =
        CastUtils.cast((Map<?, ?>) claims.getClaim("extra_properties"));
    if (extraProperties == null) {
        return accessToken;
    }
    accessToken.getExtraProperties().putAll(extraProperties);

    // NOTE(review): the confirmation claim is only read when an "extra_properties" claim is
    // present, so a token carrying the confirmation claim alone does not get its
    // certificate thumbprint copied. Confirm this is intended; a certificate-binding check
    // that reads this property would presumably find nothing to compare in that case.
    Map<String, Object> confirmation =
        CastUtils.cast((Map<?, ?>) claims.getClaim(JwtConstants.CLAIM_CONFIRMATION));
    if (confirmation != null) {
        Object certThumbprint = confirmation.get(JoseConstants.HEADER_X509_THUMBPRINT_SHA256);
        if (certThumbprint != null) {
            accessToken.getExtraProperties()
                .put(JoseConstants.HEADER_X509_THUMBPRINT_SHA256, certThumbprint.toString());
        }
    }
    return accessToken;
}
use of org.apache.cxf.rs.security.jose.jwt.JwtClaims in project cxf by apache.
the class JweJwtCompactConsumer method decryptWith.
/**
 * Decrypts the JWE content with the given provider and parses the plaintext as JWT claims.
 *
 * <p>Only decryption and JSON parsing happen here; no claim (expiry, audience, issuer) is
 * checked in this method, so callers must validate the returned token before relying on it.
 *
 * @param jwe the decryption provider applied to this consumer's JWE input
 * @return a token combining this consumer's {@code headers} with the decrypted claims
 */
public JwtToken decryptWith(JweDecryptionProvider jwe) {
    byte[] plaintext = jwe.decrypt(jweConsumer.getJweDecryptionInput());
    String claimsJson = toString(plaintext);
    JwtClaims decryptedClaims = JwtUtils.jsonToClaims(claimsJson);
    return new JwtToken(headers, decryptedClaims);
}