Example 6 with JwtContext
use of org.jose4j.jwt.consumer.JwtContext in project light-4j by networknt.
the class Http2ClientIT method isTokenExpired.
private static boolean isTokenExpired(String authorization) {
boolean expired = false;
String jwt = getJwtFromAuthorization(authorization);
if (jwt != null) {
try {
JwtConsumer consumer = new JwtConsumerBuilder().setSkipAllValidators().setDisableRequireSignature().setSkipSignatureVerification().build();
JwtContext jwtContext = consumer.process(jwt);
JwtClaims jwtClaims = jwtContext.getJwtClaims();
try {
if ((NumericDate.now().getValue() - 60) >= jwtClaims.getExpirationTime().getValue()) {
expired = true;
}
} catch (MalformedClaimException e) {
logger.error("MalformedClaimException:", e);
}
} catch (InvalidJwtException e) {
e.printStackTrace();
}
}
return expired;
}
Also used :
InvalidJwtException(org.jose4j.jwt.consumer.InvalidJwtException)
MalformedClaimException(org.jose4j.jwt.MalformedClaimException)
JwtClaims(org.jose4j.jwt.JwtClaims)
JwtConsumerBuilder(org.jose4j.jwt.consumer.JwtConsumerBuilder)
JwtConsumer(org.jose4j.jwt.consumer.JwtConsumer)
JwtContext(org.jose4j.jwt.consumer.JwtContext)
Example 7 with JwtContext
use of org.jose4j.jwt.consumer.JwtContext in project digilib by robcast.
the class OpenIdAuthnOps method getUserRoles.
/* (non-Javadoc)
* @see digilib.auth.AuthnOps#getUserRoles(digilib.conf.DigilibRequest)
*/
@Override
public List<String> getUserRoles(DigilibRequest request) throws AuthOpException {
/*
* try token parameter first
*/
String id_token = request.getAsString("id_token");
if (id_token == null || id_token.isEmpty()) {
/*
* try token cookie next
*/
HttpServletRequest srvReq = ((DigilibServletRequest) request).getServletRequest();
Cookie[] cookies = srvReq.getCookies();
if (cookies != null) {
for (Cookie c : cookies) {
if (c.getName().equals(tokenCookieName)) {
id_token = c.getValue();
break;
}
}
}
if (id_token == null || id_token.isEmpty()) {
logger.error("Missing id token!");
return null;
}
}
// the first JwtConsumer is just used to parse the JWT into a JwtContext object.
try {
JwtContext jwtContext = firstPassJwtConsumer.process(id_token);
// extract issuer
String issuer = jwtContext.getJwtClaims().getIssuer();
// get validating consumer for this issuer
JwtConsumer secondPassJwtConsumer = idpJwtConsumers.get(issuer);
if (secondPassJwtConsumer == null) {
logger.error("Unknown id token issuer: " + issuer);
return null;
}
// validate token
secondPassJwtConsumer.processContext(jwtContext);
JwtClaims claims = jwtContext.getJwtClaims();
String sub = claims.getSubject();
// get roles
List<String> provided = idpRoles.get(issuer);
logger.debug("Roles provided by id_token (sub='" + sub + "'): " + provided);
return provided;
} catch (InvalidJwtException | MalformedClaimException e) {
logger.error("Error validating id token: " + e.getMessage());
return null;
}
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Cookie(javax.servlet.http.Cookie)
InvalidJwtException(org.jose4j.jwt.consumer.InvalidJwtException)
MalformedClaimException(org.jose4j.jwt.MalformedClaimException)
DigilibServletRequest(digilib.conf.DigilibServletRequest)
JwtClaims(org.jose4j.jwt.JwtClaims)
JwtConsumer(org.jose4j.jwt.consumer.JwtConsumer)
JwtContext(org.jose4j.jwt.consumer.JwtContext)
Example 8 with JwtContext
use of org.jose4j.jwt.consumer.JwtContext in project smallrye-jwt by smallrye.
the class DefaultJWTCallerPrincipalFactory method parse.
@Override
public JWTCallerPrincipal parse(final String token, final JWTAuthContextInfo authContextInfo) throws ParseException {
JwtContext jwtContext = parser.parse(token, authContextInfo);
String type = jwtContext.getJoseObjects().get(0).getHeader("typ");
return new DefaultJWTCallerPrincipal(type, jwtContext.getJwtClaims());
}
Also used :
JwtContext(org.jose4j.jwt.consumer.JwtContext)
Example 9 with JwtContext
use of org.jose4j.jwt.consumer.JwtContext in project smallrye-jwt by smallrye.
the class DefaultJWTTokenParser method verifyRequiredClaims.
private void verifyRequiredClaims(JWTAuthContextInfo authContextInfo, JwtContext jwtContext) throws InvalidJwtException {
final Set<String> requiredClaims = authContextInfo.getRequiredClaims();
if (requiredClaims != null) {
if (!jwtContext.getJwtClaims().getClaimsMap().keySet().containsAll(requiredClaims)) {
if (PrincipalLogging.log.isDebugEnabled()) {
final String missingClaims = requiredClaims.stream().filter(claim -> !jwtContext.getJwtClaims().getClaimsMap().containsKey(claim)).collect(Collectors.joining(","));
PrincipalLogging.log.missingClaims(missingClaims);
}
throw PrincipalMessages.msg.missingClaims(s -> new InvalidJwtException(s, emptyList(), jwtContext));
}
}
}
Also used :
InvalidJwtException(org.jose4j.jwt.consumer.InvalidJwtException)
AlgorithmConstraints(org.jose4j.jwa.AlgorithmConstraints)
VerificationKeyResolver(org.jose4j.keys.resolvers.VerificationKeyResolver)
Collections.emptyList(java.util.Collections.emptyList)
JwtContext(org.jose4j.jwt.consumer.JwtContext)
Set(java.util.Set)
JwtConsumerBuilder(org.jose4j.jwt.consumer.JwtConsumerBuilder)
JoseException(org.jose4j.lang.JoseException)
Collectors(java.util.stream.Collectors)
JsonWebEncryption(org.jose4j.jwe.JsonWebEncryption)
JwtConsumer(org.jose4j.jwt.consumer.JwtConsumer)
NumericDate(org.jose4j.jwt.NumericDate)
UnresolvableKeyException(org.jose4j.lang.UnresolvableKeyException)
JwtClaims(org.jose4j.jwt.JwtClaims)
DecryptionKeyResolver(org.jose4j.keys.resolvers.DecryptionKeyResolver)
Claims(org.eclipse.microprofile.jwt.Claims)
InvalidJwtException(org.jose4j.jwt.consumer.InvalidJwtException)
Example 10 with JwtContext
use of org.jose4j.jwt.consumer.JwtContext in project smallrye-jwt by smallrye.
the class DefaultJWTTokenParserTest method testParseMultipleExpectedAudienceValues.
@Test
public void testParseMultipleExpectedAudienceValues() throws Exception {
config.setExpectedAudience(new HashSet<>(Arrays.asList("MISSING", TCK_TOKEN1_AUD)));
JwtContext context = parser.parse(TokenUtils.signClaims("/Token1.json"), config);
assertNotNull(context);
assertEquals(TCK_TOKEN1_AUD, context.getJwtClaims().getAudience().get(0));
}
Also used :
JwtContext(org.jose4j.jwt.consumer.JwtContext)
Test(org.junit.Test)
Aggregations
JwtContext (org.jose4j.jwt.consumer.JwtContext)22
JwtClaims (org.jose4j.jwt.JwtClaims)14
JwtConsumer (org.jose4j.jwt.consumer.JwtConsumer)14
InvalidJwtException (org.jose4j.jwt.consumer.InvalidJwtException)13
JwtConsumerBuilder (org.jose4j.jwt.consumer.JwtConsumerBuilder)13
MalformedClaimException (org.jose4j.jwt.MalformedClaimException)9
Test (org.junit.Test)6
AlgorithmConstraints (org.jose4j.jwa.AlgorithmConstraints)5
NumericDate (org.jose4j.jwt.NumericDate)4
JoseException (org.jose4j.lang.JoseException)3
ServiceException (io.jenkins.blueocean.commons.ServiceException)2
JWTAuthConfiguration (org.apache.tomee.microprofile.jwt.config.JWTAuthConfiguration)2
JsonWebStructure (org.jose4j.jwx.JsonWebStructure)2
JwksVerificationKeyResolver (org.jose4j.keys.resolvers.JwksVerificationKeyResolver)2
UnresolvableKeyException (org.jose4j.lang.UnresolvableKeyException)2
DigilibServletRequest (digilib.conf.DigilibServletRequest)1
JwtAuthenticationStore (io.jenkins.blueocean.auth.jwt.JwtAuthenticationStore)1
JwtToken (io.jenkins.blueocean.auth.jwt.JwtToken)1
SigningPublicKey (io.jenkins.blueocean.auth.jwt.SigningPublicKey)1
IOException (java.io.IOException)1
