Search in sources :

Example 1 with ServerECDSASignatureVerifierContext

use of org.keycloak.crypto.ServerECDSASignatureVerifierContext in project keycloak by keycloak.

the class OAuthClient method verifyToken.

public <T extends JsonWebToken> T verifyToken(String token, Class<T> clazz) {
    try {
        TokenVerifier<T> verifier = TokenVerifier.create(token, clazz);
        String kid = verifier.getHeader().getKeyId();
        String algorithm = verifier.getHeader().getAlgorithm().name();
        KeyWrapper key = getRealmPublicKey(realm, algorithm, kid);
        AsymmetricSignatureVerifierContext verifierContext;
        switch(algorithm) {
            case Algorithm.ES256:
            case Algorithm.ES384:
            case Algorithm.ES512:
                verifierContext = new ServerECDSASignatureVerifierContext(key);
                break;
            default:
                verifierContext = new AsymmetricSignatureVerifierContext(key);
        }
        verifier.verifierContext(verifierContext);
        verifier.verify();
        return verifier.getToken();
    } catch (VerificationException e) {
        throw new RuntimeException("Failed to decode token", e);
    }
}
Also used : KeyWrapper(org.keycloak.crypto.KeyWrapper) AsymmetricSignatureVerifierContext(org.keycloak.crypto.AsymmetricSignatureVerifierContext) VerificationException(org.keycloak.common.VerificationException) ServerECDSASignatureVerifierContext(org.keycloak.crypto.ServerECDSASignatureVerifierContext)

Aggregations

VerificationException (org.keycloak.common.VerificationException)1 AsymmetricSignatureVerifierContext (org.keycloak.crypto.AsymmetricSignatureVerifierContext)1 KeyWrapper (org.keycloak.crypto.KeyWrapper)1 ServerECDSASignatureVerifierContext (org.keycloak.crypto.ServerECDSASignatureVerifierContext)1