use of org.forgerock.json.jose.exceptions.JwtRuntimeException in project OpenAM by OpenRock.
the class AuthIdHelper method verifyAuthId.
/**
 * Checks the HMAC signature on an authentication id JWT using the signing key
 * of the given realm.
 *
 * <p>Returns normally only when the signature check succeeds. This method only
 * checks the signature; it does not read or validate any claim of the JWT.
 *
 * @param realmDN The DN for the realm being authenticated against; used to look up the signing key.
 * @param authId The authentication id JWT, in its serialized form.
 * @throws RestAuthException with {@code ResourceException.BAD_REQUEST} if the JWT cannot be
 *         reconstructed or if its signature does not verify.
 */
public void verifyAuthId(String realmDN, String authId) throws RestAuthException {
    final SecretKey signingKey = getSigningKey(realmDN);
    boolean signatureValid;
    try {
        // The handler is built before the token is parsed, as in the original ordering.
        final SigningHandler hmacHandler = signingManager.newHmacSigningHandler(signingKey.getEncoded());
        final SignedJwt parsedAuthId = jwtBuilderFactory.reconstruct(authId, SignedJwt.class);
        // NOTE(review): the algorithm named in the JWT header is not checked here. Confirm that
        // the HMAC handler rejects a token whose header declares a non-HMAC algorithm.
        signatureValid = parsedAuthId.verify(hmacHandler);
    } catch (JwtRuntimeException e) {
        // NOTE(review): the library's message is passed back to the caller; confirm it cannot
        // carry internal detail that should stay server-side.
        throw new RestAuthException(ResourceException.BAD_REQUEST, "Failed to parse JWT, " + e.getLocalizedMessage(), e);
    }
    if (!signatureValid) {
        throw new RestAuthException(ResourceException.BAD_REQUEST, "AuthId JWT Signature not valid");
    }
}
use of org.forgerock.json.jose.exceptions.JwtRuntimeException in project OpenAM by OpenRock.
the class StatelessSessionFactory method getSessionInfo.
/**
 * Returns the SessionInfo carried by the JWT inside the given SessionID.
 *
 * <p>The JWT string is used as the cache key. On a cache hit the cached SessionInfo is
 * returned and the JWT is not parsed or verified again. On a miss the JWT is handed to the
 * JwtSessionMapper and the result is cached.
 *
 * <p>Side effect: caches the JWT and SessionInfo combination after a successful mapping.
 *
 * @param sessionID Maybe null SessionID; it is passed straight to {@code getJWTFromSessionID}.
 *
 * @return SessionInfo which corresponds to the SessionID.
 *
 * @throws SessionException If there was any problem with getting the SessionInfo
 * from the JWT within the SessionID.
 */
public SessionInfo getSessionInfo(SessionID sessionID) throws SessionException {
    final String token = getJWTFromSessionID(sessionID, true);
    if (!cache.contains(token)) {
        final SessionInfo mapped;
        try {
            mapped = getJwtSessionMapper().fromJwt(token);
        } catch (JwtRuntimeException e) {
            // Reconstruction, decryption and verification failures all surface as SessionException.
            throw new SessionException(e);
        }
        // Only reached after fromJwt returned without throwing.
        cache.cache(mapped, token);
        return mapped;
    }
    // NOTE(review): contains() and getSessionInfo() are separate calls; confirm the cache cannot
    // drop the entry in between. Also confirm that session expiry is enforced elsewhere, since a
    // hit skips fromJwt entirely.
    return cache.getSessionInfo(token);
}
use of org.forgerock.json.jose.exceptions.JwtRuntimeException in project OpenAM by OpenRock.
the class JwtSessionMapper method fromJwt.
/**
 * Extract the SessionInfo stored in the provided JWT's serialized_session claim.
 *
 * <p>When an encryption key pair is configured the token is reconstructed as a signed,
 * encrypted JWT and decrypted with the private key; otherwise it is reconstructed as a plain
 * signed JWT. In both cases the token is rejected unless its algorithm matches the expected
 * one and its signature verifies.
 *
 * @param jwtString Non-null, String which represents a JWT with SessionInfo state assigned to a serialized_session claim.
 *
 * @return SessionInfo parsed from the serialized_session claim of the given JWT String.
 *
 * @throws JwtRuntimeException If there was a problem reconstructing the JWT, or if the
 *         algorithm check or signature verification fails ("Invalid JWT!").
 */
public SessionInfo fromJwt(@Nonnull String jwtString) throws JwtRuntimeException {
    Reject.ifNull(jwtString, "jwtString must not be null.");

    final SignedJwt token;
    if (encryptionKeyPair == null) {
        // reconstruct could throw JwtRuntimeException
        token = jwtBuilderFactory.reconstruct(jwtString, SignedJwt.class);
    } else {
        // reconstruct could throw JwtRuntimeException
        final SignedEncryptedJwt nested = jwtBuilderFactory.reconstruct(jwtString, SignedEncryptedJwt.class);
        // NOTE(review): decryption runs before the signature is verified below, so the private key
        // is applied to input that has not been authenticated yet. If verify() does not depend on
        // the decrypted payload, consider verifying first - confirm against the JOSE library.
        nested.decrypt(encryptionKeyPair.getPrivate());
        token = nested;
    }

    // The algorithm check comes first; verify() is only evaluated when the algorithm matches.
    final boolean trusted = doesJwtAlgorithmMatch(token) && token.verify(verificationHandler);
    if (!trusted) {
        throw new JwtRuntimeException("Invalid JWT!");
    }

    // Claims are read only after the token has passed both checks.
    final JwtClaimsSet claims = token.getClaimsSet();
    final String sessionJson = claims.getClaim(SERIALIZED_SESSION_CLAIM, String.class);
    // NOTE(review): a token without the serialized_session claim presumably yields null here;
    // confirm how fromJson handles that.
    return fromJson(sessionJson);
}