use of org.apache.nifi.registry.security.key.Key in project nifi-registry by apache.
the class JwtService method generateSignedToken.
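/**
 * Builds a compact, signed JWT for the given identity.
 *
 * <p>The token carries the identity as subject, the issuer and audience as given, the preferred
 * username under {@code USERNAME_CLAIM}, and the id of the signing key under {@code KEY_ID_CLAIM}.
 * It is signed with {@code SIGNATURE_ALGORITHM} using the UTF-8 bytes of the per-identity key
 * returned by {@code keyService.getOrCreateKey(identity)}.
 *
 * <p>NOTE(review): the signing secret is the key's string value, so the token is only as strong
 * as whatever {@code keyService} generates and stores. Confirm that value is produced by a
 * cryptographically secure source and is long enough for the configured algorithm.
 *
 * @param identity the token subject; must not be null or empty
 * @param preferredUsername value stored under {@code USERNAME_CLAIM}
 * @param issuer value of the issuer claim; may be null
 * @param audience value of the audience claim
 * @param expirationMillis requested lifetime, passed through {@code validateTokenExpiration}
 *        before it is added to the current time
 * @return the compact serialized token
 * @throws IllegalArgumentException if {@code identity} is null or empty
 * @throws JwtException if the signing key for the identity cannot be retrieved
 */
public String generateSignedToken(String identity, String preferredUsername, String issuer, String audience, long expirationMillis) throws JwtException {
    if (identity == null || StringUtils.isEmpty(identity)) {
        // Always keep the base message. The previous ternary replaced the whole message with "."
        // whenever issuer was null, leaving an uninformative log line and exception.
        final String errorMessage = "Cannot generate a JWT for a token with an empty identity"
                + (issuer != null ? " issued by " + issuer + "." : ".");
        logger.error(errorMessage);
        throw new IllegalArgumentException(errorMessage);
    }

    // Compute expiration: issued-at is "now", expiry is now plus the validated lifetime.
    final Calendar now = Calendar.getInstance();
    final long expirationMillisRelativeToNow = validateTokenExpiration(expirationMillis, identity);
    final long expirationMillisSinceEpoch = now.getTimeInMillis() + expirationMillisRelativeToNow;
    final Calendar expiration = new Calendar.Builder().setInstant(expirationMillisSinceEpoch).build();

    try {
        // Get/create the key for this user
        final Key key = keyService.getOrCreateKey(identity);
        if (key == null || key.getKey() == null) {
            // Fail explicitly instead of relying on a NullPointerException to signal a missing key.
            final String errorMessage = "Could not retrieve the signing key for JWT for " + identity;
            logger.error(errorMessage);
            throw new JwtException(errorMessage);
        }
        final byte[] keyBytes = key.getKey().getBytes(StandardCharsets.UTF_8);

        // Build the token. The key id claim records which stored key signed it.
        return Jwts.builder()
                .setSubject(identity)
                .setIssuer(issuer)
                .setAudience(audience)
                .claim(USERNAME_CLAIM, preferredUsername)
                .claim(KEY_ID_CLAIM, key.getId())
                .setIssuedAt(now.getTime())
                .setExpiration(expiration.getTime())
                .signWith(SIGNATURE_ALGORITHM, keyBytes)
                .compact();
    } catch (NullPointerException e) {
        // Kept as a backstop so any NPE raised while fetching the key or building the token still
        // reaches callers as a JwtException, as before.
        final String errorMessage = "Could not retrieve the signing key for JWT for " + identity;
        logger.error(errorMessage, e);
        throw new JwtException(errorMessage, e);
    }
}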
use of org.apache.nifi.registry.security.key.Key in project nifi-registry by apache.
the class DataModelMapper method map.
// --- Map keys
/**
 * Converts a persisted {@code KeyEntity} into a new {@code Key} data-model object.
 *
 * <p>The entity's id, tenant identity and key value are copied across unchanged.
 *
 * <p>NOTE(review): the key value looks like secret signing material. Confirm that {@code Key}
 * does not expose it through {@code toString()} or logging.
 *
 * @param keyEntity the entity to convert; dereferenced without a null check
 * @return a newly created {@code Key} populated from the entity
 */
public static Key map(final KeyEntity keyEntity) {
    final Key mapped = new Key();
    mapped.setKey(keyEntity.getKeyValue());
    mapped.setIdentity(keyEntity.getTenantIdentity());
    mapped.setId(keyEntity.getId());
    return mapped;
}
use of org.apache.nifi.registry.security.key.Key in project nifi-registry by apache.
the class TestDatabaseKeyService method testGetOrCreateKeyWhenExists.
/**
 * Checks that getOrCreateKey returns the stored key, rather than a new one, for an identity that
 * already has one.
 */
@Test
public void testGetOrCreateKeyWhenExists() {
    // Presumably seeded by a test fixture that is not visible here. The key value is a fixed
    // test constant, not a real secret.
    final String tenantIdentity = "unit_test_tenant_identity";

    final Key found = keyService.getOrCreateKey(tenantIdentity);

    assertNotNull(found);
    assertEquals("1", found.getId());
    assertEquals(tenantIdentity, found.getIdentity());
    assertEquals("0123456789abcdef", found.getKey());
}
use of org.apache.nifi.registry.security.key.Key in project nifi-registry by apache.
the class TestDatabaseKeyService method testGetKeyByIdWhenExists.
/**
 * Checks that looking a key up by id returns the expected id, identity and key value.
 */
@Test
public void testGetKeyByIdWhenExists() {
    // Id "1" is presumably the row seeded by the test fixture; verify against the test data set.
    final String keyId = "1";

    final Key found = keyService.getKey(keyId);

    assertNotNull(found);
    assertEquals(keyId, found.getId());
    assertEquals("unit_test_tenant_identity", found.getIdentity());
    assertEquals("0123456789abcdef", found.getKey());
}
use of org.apache.nifi.registry.security.key.Key in project nifi-registry by apache.
the class TestDatabaseKeyService method testGetOrCreateKeyWhenDoesNotExist.
/**
 * Checks that getOrCreateKey returns a populated key for an identity with no stored key.
 *
 * <p>NOTE(review): only the presence of the id and key value is asserted. The generated key's
 * length and randomness are not checked here.
 */
@Test
public void testGetOrCreateKeyWhenDoesNotExist() {
    final String unknownIdentity = "does-not-exist";

    final Key fresh = keyService.getOrCreateKey(unknownIdentity);

    assertNotNull(fresh);
    assertNotNull(fresh.getId());
    assertEquals(unknownIdentity, fresh.getIdentity());
    assertNotNull(fresh.getKey());
}