
Example 1 with SignedEncryptedJwt

Use of org.forgerock.json.jose.jws.SignedEncryptedJwt in project OpenAM by OpenRock.

The class JwtSessionMapper, method fromJwt.

/**
 * Extract the SessionInfo stored in the provided JWT's serialized_session claim.
 *
 * @param jwtString Non-null, String which represents a JWT with SessionInfo state assigned to a serialized_session claim.
 *
 * @return SessionInfo A correctly parsed SessionInfo for the given JWT String.
 *
 * @throws JwtRuntimeException If there was a problem reconstructing the JWT
 */
public SessionInfo fromJwt(@Nonnull String jwtString) throws JwtRuntimeException {
    Reject.ifNull(jwtString, "jwtString must not be null.");
    SignedJwt signedJwt;
    if (encryptionKeyPair != null) {
        // could throw JwtRuntimeException
        SignedEncryptedJwt signedEncryptedJwt = jwtBuilderFactory.reconstruct(jwtString, SignedEncryptedJwt.class);
        signedEncryptedJwt.decrypt(encryptionKeyPair.getPrivate());
        signedJwt = signedEncryptedJwt;
    } else {
        // could throw JwtRuntimeException
        signedJwt = jwtBuilderFactory.reconstruct(jwtString, SignedJwt.class);
    }
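    // Reject the token unless the algorithm check passes and the signature verifies;
    // the claims are only read after this point.
    if (!doesJwtAlgorithmMatch(signedJwt) || !signedJwt.verify(verificationHandler)) {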
        throw new JwtRuntimeException("Invalid JWT!");
    }
    JwtClaimsSet claimsSet = signedJwt.getClaimsSet();
    String serializedSession = claimsSet.getClaim(SERIALIZED_SESSION_CLAIM, String.class);
    return fromJson(serializedSession);
}
Also used: SignedEncryptedJwt (org.forgerock.json.jose.jws.SignedEncryptedJwt), JwtClaimsSet (org.forgerock.json.jose.jwt.JwtClaimsSet), JwtRuntimeException (org.forgerock.json.jose.exceptions.JwtRuntimeException), SignedJwt (org.forgerock.json.jose.jws.SignedJwt)

Aggregations

JwtRuntimeException (org.forgerock.json.jose.exceptions.JwtRuntimeException): 1
SignedEncryptedJwt (org.forgerock.json.jose.jws.SignedEncryptedJwt): 1
SignedJwt (org.forgerock.json.jose.jws.SignedJwt): 1
JwtClaimsSet (org.forgerock.json.jose.jwt.JwtClaimsSet): 1