Example 1 with LoadedPublicKey

Use of org.sdase.commons.server.auth.key.LoadedPublicKey in project sda-dropwizard-commons by SDA-SE.

The class AuthRSA256Service, method auth.

@Override
public Map<String, Claim> auth(String authorizationToken) {
    try {
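        // JWT.decode only parses the token; it does not verify the signature,
        // so the kid read here is untrusted input used solely to select a key.
        String keyId = JWT.decode(authorizationToken).getKeyId();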
        if (keyId == null) {
            // check all keys without id
            List<LoadedPublicKey> keysWithoutId = rsaPublicKeyLoader.getKeysWithoutId();
            if (keysWithoutId.size() > 1) {
                LOG.warn("Verifying token without kid trying {} public keys", keysWithoutId.size());
            }
            // Try the keys in the reverse of the loader's order and accept the
            // first one whose signature check succeeds.
            Collections.reverse(keysWithoutId);
            return keysWithoutId.stream()
                    .map(k -> verifyJwtSignature(authorizationToken, k))
                    .filter(Optional::isPresent)
                    .map(Optional::get)
                    .findFirst()
                    .orElseThrow(() -> new JwtAuthException("Could not verify JWT without kid."))
                    .getClaims();
        } else {
            LoadedPublicKey loadedPublicKey = rsaPublicKeyLoader.getLoadedPublicKey(keyId);
            if (loadedPublicKey == null) {
                LOG.error("No key found for verification, matching the requested kid {}", keyId);
                throw new JwtAuthException("Could not verify JWT with the requested kid.");
            }
            DecodedJWT jwt = verifyJwtSignature(authorizationToken, loadedPublicKey)
                    .orElseThrow(() -> new JwtAuthException("Verifying token failed"));
            return jwt.getClaims();
        }
    } catch (JWTVerificationException e) {
        throw new JwtAuthException(e);
    }
}
Also used: JWT (com.auth0.jwt.JWT), Logger (org.slf4j.Logger), Verification (com.auth0.jwt.interfaces.Verification), DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT), LoadedPublicKey (org.sdase.commons.server.auth.key.LoadedPublicKey), LoggerFactory (org.slf4j.LoggerFactory), JwtAuthException (org.sdase.commons.server.auth.error.JwtAuthException), RsaPublicKeyLoader (org.sdase.commons.server.auth.key.RsaPublicKeyLoader), StringUtils (org.apache.commons.lang3.StringUtils), TokenExpiredException (com.auth0.jwt.exceptions.TokenExpiredException), Algorithm (com.auth0.jwt.algorithms.Algorithm), List (java.util.List), Validate (org.apache.commons.lang3.Validate), Map (java.util.Map), Optional (java.util.Optional), Claim (com.auth0.jwt.interfaces.Claim), Collections (java.util.Collections), JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)