Search in sources :

Example 1 with SignatureKeyManagerException

use of org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManagerException in project che-server by eclipse-che.

the class MachineTokenRegistry method createToken.

/**
 * Creates new token with given data.
 */
private String createToken(String userId, String workspaceId) throws MachineTokenException {
    try {
        final PrivateKey privateKey = signatureKeyManager.getOrCreateKeyPair(workspaceId).getPrivate();
        final User user = userManager.getById(userId);
        final Map<String, Object> header = new HashMap<>(2);
        header.put("kind", MACHINE_TOKEN_KIND);
        header.put("kid", workspaceId);
        final Map<String, Object> claims = new HashMap<>();
        // to ensure that each token is unique
        claims.put(Claims.ID, UUID.randomUUID().toString());
        claims.put(Constants.USER_ID_CLAIM, userId);
        claims.put(Constants.USER_NAME_CLAIM, user.getName());
        claims.put(Constants.WORKSPACE_ID_CLAIM, workspaceId);
        // jwtproxy required claims
        claims.put(Claims.ISSUER, "wsmaster");
        claims.put(Claims.AUDIENCE, workspaceId);
        claims.put(Claims.EXPIRATION, Instant.now().plus(365, DAYS).getEpochSecond());
        // always
        claims.put(Claims.NOT_BEFORE, -1);
        claims.put(Claims.ISSUED_AT, Instant.now().getEpochSecond());
        final String token = Jwts.builder().setClaims(claims).setHeader(header).signWith(RS256, privateKey).compact();
        tokens.put(workspaceId, userId, token);
        return token;
    } catch (SignatureKeyManagerException | NotFoundException | ServerException ex) {
        throw new MachineTokenException(format("Failed to generate machine token for user '%s' and workspace '%s'. Cause: '%s'", userId, workspaceId, ex.getMessage()), ex);
    }
}
Also used : PrivateKey(java.security.PrivateKey) User(org.eclipse.che.api.core.model.user.User) ServerException(org.eclipse.che.api.core.ServerException) HashMap(java.util.HashMap) SignatureKeyManagerException(org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManagerException) NotFoundException(org.eclipse.che.api.core.NotFoundException) MachineTokenException(org.eclipse.che.api.workspace.server.token.MachineTokenException)

Example 2 with SignatureKeyManagerException

use of org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManagerException in project devspaces-images by redhat-developer.

the class MachineTokenRegistry method createToken.

/**
 * Creates new token with given data.
 */
private String createToken(String userId, String workspaceId) throws MachineTokenException {
    try {
        final PrivateKey privateKey = signatureKeyManager.getOrCreateKeyPair(workspaceId).getPrivate();
        final User user = userManager.getById(userId);
        final Map<String, Object> header = new HashMap<>(2);
        header.put("kind", MACHINE_TOKEN_KIND);
        header.put("kid", workspaceId);
        final Map<String, Object> claims = new HashMap<>();
        // to ensure that each token is unique
        claims.put(Claims.ID, UUID.randomUUID().toString());
        claims.put(Constants.USER_ID_CLAIM, userId);
        claims.put(Constants.USER_NAME_CLAIM, user.getName());
        claims.put(Constants.WORKSPACE_ID_CLAIM, workspaceId);
        // jwtproxy required claims
        claims.put(Claims.ISSUER, "wsmaster");
        claims.put(Claims.AUDIENCE, workspaceId);
        claims.put(Claims.EXPIRATION, Instant.now().plus(365, DAYS).getEpochSecond());
        // always
        claims.put(Claims.NOT_BEFORE, -1);
        claims.put(Claims.ISSUED_AT, Instant.now().getEpochSecond());
        final String token = Jwts.builder().setClaims(claims).setHeader(header).signWith(RS256, privateKey).compact();
        tokens.put(workspaceId, userId, token);
        return token;
    } catch (SignatureKeyManagerException | NotFoundException | ServerException ex) {
        throw new MachineTokenException(format("Failed to generate machine token for user '%s' and workspace '%s'. Cause: '%s'", userId, workspaceId, ex.getMessage()), ex);
    }
}
Also used : PrivateKey(java.security.PrivateKey) User(org.eclipse.che.api.core.model.user.User) ServerException(org.eclipse.che.api.core.ServerException) HashMap(java.util.HashMap) SignatureKeyManagerException(org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManagerException) NotFoundException(org.eclipse.che.api.core.NotFoundException) MachineTokenException(org.eclipse.che.api.workspace.server.token.MachineTokenException)

Aggregations

PrivateKey (java.security.PrivateKey)2 HashMap (java.util.HashMap)2 NotFoundException (org.eclipse.che.api.core.NotFoundException)2 ServerException (org.eclipse.che.api.core.ServerException)2 User (org.eclipse.che.api.core.model.user.User)2 MachineTokenException (org.eclipse.che.api.workspace.server.token.MachineTokenException)2 SignatureKeyManagerException (org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManagerException)2