Example 56 with JwtClaims
use of org.jose4j.jwt.JwtClaims in project light-4j by networknt.
the class JwtHelperTest method testVerifySign.
@Test
public void testVerifySign() throws Exception {
JwtClaims claims = ClaimsUtil.getTestClaims("steve", "EMPLOYEE", "f7d42348-c647-4efb-a52d-4c5787421e72", Arrays.asList("write:pets", "read:pets"), "user");
String jwt = JwtIssuer.getJwt(claims);
claims = null;
Assert.assertNotNull(jwt);
try {
claims = JwtHelper.verifyJwt(jwt, false, false);
} catch (Exception e) {
e.printStackTrace();
}
Assert.assertNotNull(claims);
Assert.assertEquals("steve", claims.getStringClaimValue(Constants.USER_ID_STRING));
try {
claims = JwtHelper.verifyJwt(jwt, false, false);
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("jwtClaims = " + claims);
}
Also used :
JwtClaims(org.jose4j.jwt.JwtClaims)
KeyStoreException(java.security.KeyStoreException)
JoseException(org.jose4j.lang.JoseException)
Test(org.junit.Test)
Example 57 with JwtClaims
use of org.jose4j.jwt.JwtClaims in project light-4j by networknt.
the class JwtHelperTest method testVerifyJwt.
@Test
public void testVerifyJwt() throws Exception {
JwtClaims claims = ClaimsUtil.getTestClaims("steve", "EMPLOYEE", "f7d42348-c647-4efb-a52d-4c5787421e72", Arrays.asList("write:pets", "read:pets"), "user");
String jwt = JwtIssuer.getJwt(claims);
claims = null;
Assert.assertNotNull(jwt);
try {
claims = JwtHelper.verifyJwt(jwt, false);
} catch (Exception e) {
e.printStackTrace();
}
Assert.assertNotNull(claims);
Assert.assertEquals("steve", claims.getStringClaimValue(Constants.USER_ID_STRING));
try {
claims = JwtHelper.verifyJwt(jwt, false);
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("jwtClaims = " + claims);
}
Also used :
JwtClaims(org.jose4j.jwt.JwtClaims)
KeyStoreException(java.security.KeyStoreException)
JoseException(org.jose4j.lang.JoseException)
Test(org.junit.Test)
Example 58 with JwtClaims
use of org.jose4j.jwt.JwtClaims in project light-4j by networknt.
the class JwtVerifierTest method testVerifyJwtByJsonWebKeys.
@Test
public void testVerifyJwtByJsonWebKeys() throws Exception {
JwtConfig jwtConfig = (JwtConfig) Config.getInstance().getJsonObjectConfig(JwtIssuer.JWT_CONFIG, JwtConfig.class);
String fileName = jwtConfig.getKey().getFilename();
String alias = jwtConfig.getKey().getKeyName();
KeyStore ks = loadKeystore(fileName, jwtConfig.getKey().getPassword());
Key privateKey = ks.getKey(alias, jwtConfig.getKey().getPassword().toCharArray());
JsonWebSignature jws = new JsonWebSignature();
String iss = "my.test.iss";
JwtClaims jwtClaims = JwtClaims.parse("{\n" + " \"sub\": \"5745ed4b-0158-45ff-89af-4ce99bc6f4de\",\n" + " \"iss\": \"" + iss + "\",\n" + " \"subject_type\": \"client-id\",\n" + " \"exp\": 1557419531,\n" + " \"iat\": 1557419231,\n" + " \"scope\": [\n" + " \"my.test.scope.read\",\n" + " \"my.test.scope.write\",\n" + " ],\n" + " \"consumer_application_id\": \"389\",\n" + " \"request_transit\": \"63092\"\n" + "}");
// The payload of the JWS is JSON content of the JWT Claims
jws.setPayload(jwtClaims.toJson());
// use private key to sign the JWT
jws.setKey(privateKey);
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
String jwt = jws.getCompactSerialization();
Assert.assertNotNull(jwt);
System.out.print("JWT = " + jwt);
JwtVerifier jwtVerifier = new JwtVerifier(Config.getInstance().getJsonMapConfig(CONFIG_NAME));
JwtClaims claims = jwtVerifier.verifyJwt(jwt, true, true, (kId, isToken) -> {
try {
// use public key to create the the JsonWebKey
Key publicKey = ks.getCertificate(alias).getPublicKey();
PublicJsonWebKey jwk = PublicJsonWebKey.Factory.newPublicJwk(publicKey);
List<JsonWebKey> jwkList = Arrays.asList(jwk);
return new JwksVerificationKeyResolver(jwkList);
} catch (JoseException | KeyStoreException e) {
throw new RuntimeException(e);
}
});
Assert.assertNotNull(claims);
Assert.assertEquals(iss, claims.getStringClaimValue("iss"));
}
Also used :
JwtClaims(org.jose4j.jwt.JwtClaims)
JoseException(org.jose4j.lang.JoseException)
JsonWebKey(org.jose4j.jwk.JsonWebKey)
PublicJsonWebKey(org.jose4j.jwk.PublicJsonWebKey)
KeyStoreException(java.security.KeyStoreException)
KeyStore(java.security.KeyStore)
PublicJsonWebKey(org.jose4j.jwk.PublicJsonWebKey)
JsonWebSignature(org.jose4j.jws.JsonWebSignature)
JwksVerificationKeyResolver(org.jose4j.keys.resolvers.JwksVerificationKeyResolver)
JsonWebKey(org.jose4j.jwk.JsonWebKey)
Key(java.security.Key)
PublicJsonWebKey(org.jose4j.jwk.PublicJsonWebKey)
Test(org.junit.Test)
Example 59 with JwtClaims
use of org.jose4j.jwt.JwtClaims in project light-4j by networknt.
the class JwtVerifierTest method testVerifySign.
@Test
public void testVerifySign() throws Exception {
JwtClaims claims = ClaimsUtil.getTestClaims("steve", "EMPLOYEE", "f7d42348-c647-4efb-a52d-4c5787421e72", Arrays.asList("write:pets", "read:pets"), "user");
String jwt = JwtIssuer.getJwt(claims);
claims = null;
Assert.assertNotNull(jwt);
JwtVerifier jwtVerifier = new JwtVerifier(Config.getInstance().getJsonMapConfig(CONFIG_NAME));
try {
claims = jwtVerifier.verifyJwt(jwt, false, false);
} catch (Exception e) {
e.printStackTrace();
}
Assert.assertNotNull(claims);
Assert.assertEquals("steve", claims.getStringClaimValue(Constants.USER_ID_STRING));
try {
claims = jwtVerifier.verifyJwt(jwt, false, false);
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("jwtClaims = " + claims);
}
Also used :
JwtClaims(org.jose4j.jwt.JwtClaims)
KeyStoreException(java.security.KeyStoreException)
JoseException(org.jose4j.lang.JoseException)
Test(org.junit.Test)
Example 60 with JwtClaims
use of org.jose4j.jwt.JwtClaims in project light-4j by networknt.
the class JwtVerifierTest method testVerifyToken.
@Test
public void testVerifyToken() throws Exception {
JwtClaims claims = ClaimsUtil.getTestClaims("steve", "EMPLOYEE", "f7d42348-c647-4efb-a52d-4c5787421e72", Arrays.asList("write:pets", "read:pets"), "user");
String jwt = JwtIssuer.getJwt(claims);
claims = null;
Assert.assertNotNull(jwt);
JwtVerifier jwtVerifier = new JwtVerifier(Config.getInstance().getJsonMapConfig(CONFIG_NAME));
try {
claims = jwtVerifier.verifyJwt(jwt, false, true);
} catch (Exception e) {
e.printStackTrace();
}
Assert.assertNotNull(claims);
Assert.assertEquals("steve", claims.getStringClaimValue(Constants.USER_ID_STRING));
try {
claims = jwtVerifier.verifyJwt(jwt, false, true);
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("jwtClaims = " + claims);
}
Also used :
JwtClaims(org.jose4j.jwt.JwtClaims)
KeyStoreException(java.security.KeyStoreException)
JoseException(org.jose4j.lang.JoseException)
Test(org.junit.Test)
Aggregations
JwtClaims (org.jose4j.jwt.JwtClaims)120
Test (org.junit.Test)47
MalformedClaimException (org.jose4j.jwt.MalformedClaimException)18
JwtConsumer (org.jose4j.jwt.consumer.JwtConsumer)18
JwtConsumerBuilder (org.jose4j.jwt.consumer.JwtConsumerBuilder)17
InvalidJwtException (org.jose4j.jwt.consumer.InvalidJwtException)16
lombok.val (lombok.val)15
JoseException (org.jose4j.lang.JoseException)15
JsonWebSignature (org.jose4j.jws.JsonWebSignature)13
Map (java.util.Map)12
JwtContext (org.jose4j.jwt.consumer.JwtContext)11
JsonWebStructure (org.jose4j.jwx.JsonWebStructure)9
NumericDate (org.jose4j.jwt.NumericDate)8
KeyStoreException (java.security.KeyStoreException)6
ExpiredTokenException (com.networknt.exception.ExpiredTokenException)5
ArrayList (java.util.ArrayList)5
HashMap (java.util.HashMap)5
OidcRegisteredService (org.apereo.cas.services.OidcRegisteredService)5
JwksVerificationKeyResolver (org.jose4j.keys.resolvers.JwksVerificationKeyResolver)4
Test (org.junit.jupiter.api.Test)4
