Search in sources :

Example 16 with JsonWebToken

use of org.keycloak.representations.JsonWebToken in project keycloak by keycloak.

the class JWTClientSecretCredentialsProvider method createRequestToken.

protected JsonWebToken createRequestToken(String clientId, String realmInfoUrl) {
    // According to <a href="http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication">OIDC's client authentication spec</a>,
    // JWT claims is the same as one by private_key_jwt
    JsonWebToken reqToken = new JsonWebToken();
    reqToken.id(AdapterUtils.generateId());
    reqToken.issuer(clientId);
    reqToken.subject(clientId);
    reqToken.audience(realmInfoUrl);
    int now = Time.currentTime();
    reqToken.issuedAt(now);
    // the same as in KEYCLOAK-2986, JWTClientCredentialsProvider's timeout field
    reqToken.expiration(now + 10);
    reqToken.notBefore(now);
    return reqToken;
}
Also used : JsonWebToken(org.keycloak.representations.JsonWebToken)

Example 17 with JsonWebToken

use of org.keycloak.representations.JsonWebToken in project keycloak by keycloak.

the class JWTClientSecretCredentialsProvider method createSignedRequestToken.

public String createSignedRequestToken(String clientId, String realmInfoUrl, String algorithm) {
    JsonWebToken jwt = createRequestToken(clientId, realmInfoUrl);
    String signedRequestToken = null;
    if (Algorithm.HS512.equals(algorithm)) {
        signedRequestToken = new JWSBuilder().jsonContent(jwt).hmac512(clientSecret);
    } else if (Algorithm.HS384.equals(algorithm)) {
        signedRequestToken = new JWSBuilder().jsonContent(jwt).hmac384(clientSecret);
    } else {
        signedRequestToken = new JWSBuilder().jsonContent(jwt).hmac256(clientSecret);
    }
    return signedRequestToken;
}
Also used : JsonWebToken(org.keycloak.representations.JsonWebToken) JWSBuilder(org.keycloak.jose.jws.JWSBuilder)

Example 18 with JsonWebToken

use of org.keycloak.representations.JsonWebToken in project keycloak by keycloak.

the class JsonWebTokenTest method testArray.

@Test
public void testArray() throws IOException {
    JsonWebToken jsonWebToken = new JsonWebToken();
    jsonWebToken.audience("test", "test2");
    assertTrue(JsonSerialization.writeValueAsPrettyString(jsonWebToken).contains("\"aud\" : [ \"test\", \"test2\" ]"));
}
Also used : JsonWebToken(org.keycloak.representations.JsonWebToken) Test(org.junit.Test)

Example 19 with JsonWebToken

use of org.keycloak.representations.JsonWebToken in project keycloak by keycloak.

the class JsonWebTokenTest method testAudSingle.

@Test
public void testAudSingle() throws IOException {
    String single = "{ \"aud\": \"test\" }";
    JsonWebToken s = JsonSerialization.readValue(single, JsonWebToken.class);
    assertArrayEquals(new String[] { "test" }, s.getAudience());
}
Also used : JsonWebToken(org.keycloak.representations.JsonWebToken) Test(org.junit.Test)

Example 20 with JsonWebToken

use of org.keycloak.representations.JsonWebToken in project keycloak by keycloak.

the class JsonWebTokenTest method test.

@Test
public void test() throws IOException {
    JsonWebToken jsonWebToken = new JsonWebToken();
    jsonWebToken.audience("test");
    assertTrue(JsonSerialization.writeValueAsPrettyString(jsonWebToken).contains("\"aud\" : \"test\""));
}
Also used : JsonWebToken(org.keycloak.representations.JsonWebToken) Test(org.junit.Test)

Aggregations

JsonWebToken (org.keycloak.representations.JsonWebToken)36 Test (org.junit.Test)12 JWSInput (org.keycloak.jose.jws.JWSInput)7 JWSBuilder (org.keycloak.jose.jws.JWSBuilder)5 KeyPair (java.security.KeyPair)4 IdentityBrokerException (org.keycloak.broker.provider.IdentityBrokerException)4 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)4 OAuthClient (org.keycloak.testsuite.util.OAuthClient)4 PublicKey (java.security.PublicKey)3 OAuthErrorException (org.keycloak.OAuthErrorException)3 JWSInputException (org.keycloak.jose.jws.JWSInputException)3 IOException (java.io.IOException)2 PrivateKey (java.security.PrivateKey)2 LinkedList (java.util.LinkedList)2 Response (javax.ws.rs.core.Response)2 NameValuePair (org.apache.http.NameValuePair)2 CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)2 BasicNameValuePair (org.apache.http.message.BasicNameValuePair)2 ClientResource (org.keycloak.admin.client.resource.ClientResource)2 BrokeredIdentityContext (org.keycloak.broker.provider.BrokeredIdentityContext)2