
Example 1 with SecretEncryptionConfiguration

Use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project cas by apereo.

Class GenerateJwtCommand, method configureJwtEncryption.

private void configureJwtEncryption(final int encryptionSecretSize, final String encryptionAlgorithm, final String encryptionMethod, final JwtGenerator<CommonProfile> g) {
    if (encryptionSecretSize <= 0 || StringUtils.isBlank(encryptionMethod) || StringUtils.isBlank(encryptionAlgorithm)) {
        LOGGER.info("No encryption algorithm or size specified, so the generated JWT will not be encrypted");
        return;
    }
    final String encryptionSecret = RandomStringUtils.randomAlphanumeric(encryptionSecretSize);
    LOGGER.info("==== Encryption Secret ====\n[{}]\n", encryptionSecret);
    final String acceptedEncAlgs = Arrays.stream(JWEAlgorithm.class.getDeclaredFields()).filter(f -> f.getType().equals(JWEAlgorithm.class)).map(Unchecked.function(f -> {
        f.setAccessible(true);
        return ((JWEAlgorithm) f.get(null)).getName();
    })).collect(Collectors.joining(","));
    LOGGER.debug("Encryption algorithm: [{}]. Available algorithms are [{}]", encryptionAlgorithm, acceptedEncAlgs);
    final String acceptedEncMethods = Arrays.stream(EncryptionMethod.class.getDeclaredFields()).filter(f -> f.getType().equals(EncryptionMethod.class)).map(Unchecked.function(f -> {
        f.setAccessible(true);
        return ((EncryptionMethod) f.get(null)).getName();
    })).collect(Collectors.joining(","));
    LOGGER.debug("Encryption method: [{}]. Available methods are [{}]", encryptionMethod, acceptedEncMethods);
    final JWEAlgorithm algorithm = JWEAlgorithm.parse(encryptionAlgorithm);
    final EncryptionMethod encryptionMethodAlg = EncryptionMethod.parse(encryptionMethod);
    if (DirectDecrypter.SUPPORTED_ALGORITHMS.contains(algorithm)) {
        if (!DirectDecrypter.SUPPORTED_ENCRYPTION_METHODS.contains(encryptionMethodAlg)) {
            LOGGER.warn("Encrypted method [{}] is not supported for algorithm [{}]. Accepted methods are [{}]", encryptionMethod, encryptionAlgorithm, DirectDecrypter.SUPPORTED_ENCRYPTION_METHODS);
            return;
        }
    }
    if (AESDecrypter.SUPPORTED_ALGORITHMS.contains(algorithm)) {
        if (!AESDecrypter.SUPPORTED_ENCRYPTION_METHODS.contains(encryptionMethodAlg)) {
            LOGGER.warn("Encrypted method [{}] is not supported for algorithm [{}]. Accepted methods are [{}]", encryptionMethod, encryptionAlgorithm, AESDecrypter.SUPPORTED_ENCRYPTION_METHODS);
            return;
        }
    }
    g.setEncryptionConfiguration(new SecretEncryptionConfiguration(encryptionSecret, algorithm, encryptionMethodAlg));
}
Also used : JWEAlgorithm(com.nimbusds.jose.JWEAlgorithm) SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration) EncryptionMethod(com.nimbusds.jose.EncryptionMethod)

Example 2 with SecretEncryptionConfiguration

Use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project pac4j by pac4j.

Class JwtTests, method testGenerateAuthenticateDifferentSecrets.

@Test
public void testGenerateAuthenticateDifferentSecrets() {
    final SignatureConfiguration signatureConfiguration = new SecretSignatureConfiguration(MAC_SECRET);
    final EncryptionConfiguration encryptionConfiguration = new SecretEncryptionConfiguration(KEY2);
    final JwtGenerator<FacebookProfile> generator = new JwtGenerator<>(signatureConfiguration, encryptionConfiguration);
    final FacebookProfile profile = createProfile();
    final String token = generator.generate(profile);
    assertToken(profile, token, new JwtAuthenticator(signatureConfiguration, encryptionConfiguration));
}
Also used : JwtGenerator(org.pac4j.jwt.profile.JwtGenerator) SecretSignatureConfiguration(org.pac4j.jwt.config.signature.SecretSignatureConfiguration) SignatureConfiguration(org.pac4j.jwt.config.signature.SignatureConfiguration) ECSignatureConfiguration(org.pac4j.jwt.config.signature.ECSignatureConfiguration) SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration) EncryptionConfiguration(org.pac4j.jwt.config.encryption.EncryptionConfiguration) JwtAuthenticator(org.pac4j.jwt.credentials.authenticator.JwtAuthenticator) FacebookProfile(org.pac4j.oauth.profile.facebook.FacebookProfile) Test(org.junit.Test)

Example 3 with SecretEncryptionConfiguration

Use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project pac4j by pac4j.

Class JwtTests, method testGenericJwt.

@Test
public void testGenericJwt() {
    final String token = "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..NTvhJXwZ_sN4zYBK.exyLJWkOclCVcffz58CE-" + "3XWWV24aYyGWR5HVrfm4HLQi1xgmwglLlEIiFlOSTOSZ_LeAwl2Z3VFh-5EidocjwGkAPGQA_4_KCLbK8Im7M25ZZvDzCJ1kKN1JrDIIrBWCcuI4Mbw0O" + "_YGb8TfIECPkpeG7wEgBG30sb1kH-F_vg9yjYfB4MiJCSFmY7cRqN9-9O23tz3wYv3b-eJh5ACr2CGSVNj2KcMsOMJ6bbALgz6pzQTIWk_" + "fhcE9QSfaSY7RuZ8cRTV-UTjYgZk1gbd1LskgchS.ijMQmfPlObJv7oaPG8LCEg";
    final TokenCredentials credentials = new TokenCredentials(token);
    final JwtAuthenticator authenticator = new JwtAuthenticator(new SecretSignatureConfiguration(MAC_SECRET), new SecretEncryptionConfiguration(MAC_SECRET));
    authenticator.validate(credentials, null);
    assertNotNull(credentials.getUserProfile());
}
Also used : JwtAuthenticator(org.pac4j.jwt.credentials.authenticator.JwtAuthenticator) SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration) SecretSignatureConfiguration(org.pac4j.jwt.config.signature.SecretSignatureConfiguration) TokenCredentials(org.pac4j.core.credentials.TokenCredentials) Test(org.junit.Test)

Example 4 with SecretEncryptionConfiguration

Use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project pac4j by pac4j.

Class JwtTests, method testJwtGenerationA256CBC.

@Test
public void testJwtGenerationA256CBC() {
    final JwtGenerator<CommonProfile> g = new JwtGenerator<>(new SecretSignatureConfiguration(MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET), new SecretEncryptionConfiguration(KEY2 + KEY2));
    ((SecretEncryptionConfiguration) g.getEncryptionConfiguration()).setMethod(EncryptionMethod.A256CBC_HS512);
    final String g1 = g.generate(new CommonProfile());
    assertNotNull(g1);
}
Also used : JwtGenerator(org.pac4j.jwt.profile.JwtGenerator) CommonProfile(org.pac4j.core.profile.CommonProfile) SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration) SecretSignatureConfiguration(org.pac4j.jwt.config.signature.SecretSignatureConfiguration) Test(org.junit.Test)

Example 5 with SecretEncryptionConfiguration

Use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project pac4j by pac4j.

Class JwtTests, method testAuthenticateFailed.

@Test(expected = CredentialsException.class)
public void testAuthenticateFailed() {
    final JwtAuthenticator authenticator = new JwtAuthenticator(new SecretSignatureConfiguration(MAC_SECRET), new SecretEncryptionConfiguration(MAC_SECRET));
    final TokenCredentials credentials = new TokenCredentials("fakeToken");
    authenticator.validate(credentials, null);
}
Also used : JwtAuthenticator(org.pac4j.jwt.credentials.authenticator.JwtAuthenticator) SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration) SecretSignatureConfiguration(org.pac4j.jwt.config.signature.SecretSignatureConfiguration) TokenCredentials(org.pac4j.core.credentials.TokenCredentials) Test(org.junit.Test)
