use of org.keycloak.crypto.ServerECDSASignatureVerifierContext in project keycloak by keycloak.
the class OAuthClient method verifyToken.
public <T extends JsonWebToken> T verifyToken(String token, Class<T> clazz) {
try {
TokenVerifier<T> verifier = TokenVerifier.create(token, clazz);
String kid = verifier.getHeader().getKeyId();
String algorithm = verifier.getHeader().getAlgorithm().name();
KeyWrapper key = getRealmPublicKey(realm, algorithm, kid);
AsymmetricSignatureVerifierContext verifierContext;
switch(algorithm) {
case Algorithm.ES256:
case Algorithm.ES384:
case Algorithm.ES512:
verifierContext = new ServerECDSASignatureVerifierContext(key);
break;
default:
verifierContext = new AsymmetricSignatureVerifierContext(key);
}
verifier.verifierContext(verifierContext);
verifier.verify();
return verifier.getToken();
} catch (VerificationException e) {
throw new RuntimeException("Failed to decode token", e);
}
}
Aggregations