Example 1 with AsymmetricSignatureVerifierContext
use of org.keycloak.crypto.AsymmetricSignatureVerifierContext in project keycloak by keycloak.
the class OAuthClient method verifyToken.
public <T extends JsonWebToken> T verifyToken(String token, Class<T> clazz) {
try {
TokenVerifier<T> verifier = TokenVerifier.create(token, clazz);
String kid = verifier.getHeader().getKeyId();
String algorithm = verifier.getHeader().getAlgorithm().name();
KeyWrapper key = getRealmPublicKey(realm, algorithm, kid);
AsymmetricSignatureVerifierContext verifierContext;
switch(algorithm) {
case Algorithm.ES256:
case Algorithm.ES384:
case Algorithm.ES512:
verifierContext = new ServerECDSASignatureVerifierContext(key);
break;
default:
verifierContext = new AsymmetricSignatureVerifierContext(key);
}
verifier.verifierContext(verifierContext);
verifier.verify();
return verifier.getToken();
} catch (VerificationException e) {
throw new RuntimeException("Failed to decode token", e);
}
}
Also used :
KeyWrapper(org.keycloak.crypto.KeyWrapper)
AsymmetricSignatureVerifierContext(org.keycloak.crypto.AsymmetricSignatureVerifierContext)
VerificationException(org.keycloak.common.VerificationException)
ServerECDSASignatureVerifierContext(org.keycloak.crypto.ServerECDSASignatureVerifierContext)
Aggregations
VerificationException (org.keycloak.common.VerificationException)1
AsymmetricSignatureVerifierContext (org.keycloak.crypto.AsymmetricSignatureVerifierContext)1
KeyWrapper (org.keycloak.crypto.KeyWrapper)1
ServerECDSASignatureVerifierContext (org.keycloak.crypto.ServerECDSASignatureVerifierContext)1
