Example 1 with JWTAuthContextInfo

Use of org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTAuthContextInfo in project wildfly-swarm by wildfly-swarm.

Class TCKTokenParser, method parse.

@Override
public JsonWebToken parse(String bearerToken, String issuer, PublicKey publicKey) throws Exception {
    JWTAuthContextInfo authContextInfo = new JWTAuthContextInfo((RSAPublicKey) publicKey, issuer);
    JWTCallerPrincipalFactory factory = DefaultJWTCallerPrincipalFactory.instance();
    return factory.parse(bearerToken, authContextInfo);
}
Also used: JWTCallerPrincipalFactory (org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTCallerPrincipalFactory), DefaultJWTCallerPrincipalFactory (org.wildfly.swarm.microprofile.jwtauth.deployment.principal.DefaultJWTCallerPrincipalFactory), JWTAuthContextInfo (org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTAuthContextInfo)

Example 2 with JWTAuthContextInfo

Use of org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTAuthContextInfo in project wildfly-swarm by wildfly-swarm.

Class JWTAuthContextInfoProvider, method getOptionalContextInfo.

@Produces
Optional<JWTAuthContextInfo> getOptionalContextInfo() {
    if (!publicKeyPemEnc.isPresent()) {
        return Optional.empty();
    }
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo();
    try {
        RSAPublicKey pk = (RSAPublicKey) KeyUtils.decodePublicKey(publicKeyPemEnc.get());
        contextInfo.setSignerKey(pk);
    } catch (Exception e) {
        throw new DeploymentException(e);
    }
    if (issuedBy != null && !issuedBy.equals("NONE")) {
        contextInfo.setIssuedBy(issuedBy);
    }
    if (expGracePeriodSecs.isPresent()) {
        contextInfo.setExpGracePeriodSecs(expGracePeriodSecs.get());
    }
    return Optional.of(contextInfo);
}
Also used: RSAPublicKey (java.security.interfaces.RSAPublicKey), DeploymentException (javax.enterprise.inject.spi.DeploymentException), JWTAuthContextInfo (org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTAuthContextInfo), Produces (javax.enterprise.inject.Produces)

Example 3 with JWTAuthContextInfo

Use of org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTAuthContextInfo in project wildfly-swarm by wildfly-swarm.

Class JWTAuthMechanismFactory, method create.

/**
 * This builds the JWTAuthMechanism with a JWTAuthContextInfo containing the issuer and signer public key needed
 * to validate the token. This information is currently taken from the query parameters passed in via the
 * web.xml/login-config/auth-method value, or via CDI injection.
 *
 * @param mechanismName     - the login-config/auth-method, which will be MP-JWT for JWTAuthMechanism
 * @param formParserFactory - unused form type of authentication factory
 * @param properties        - the query parameters from the web.xml/login-config/auth-method value. We look for an issuedBy
 *                          and signerPubKey property to use for token validation.
 * @return the JWTAuthMechanism
 * @see JWTAuthContextInfo
 */
@Override
public AuthenticationMechanism create(String mechanismName, FormParserFactory formParserFactory, Map<String, String> properties) {
    ClassLoader loader = Thread.currentThread().getContextClassLoader();
    JWTAuthContextInfo contextInfo;
    Optional<JWTAuthContextInfo> optContextInfo = Optional.empty();
    try {
        Instance<JWTAuthContextInfo> contextInfoInstance = CDI.current().select(JWTAuthContextInfo.class);
        contextInfo = contextInfoInstance.get();
        optContextInfo = Optional.of(contextInfo);
    } catch (Exception e) {
        log.debugf(e, "Unable to select JWTAuthContextInfo provider");
    }
    if (!optContextInfo.isPresent()) {
        // Try building the JWTAuthContextInfo from the properties and/or the deployment resources
        contextInfo = new JWTAuthContextInfo();
        String issuedBy = properties.get("issuedBy");
        if (issuedBy == null) {
            // Try the /META-INF/MP-JWT-ISSUER content
            URL issURL = loader.getResource("/META-INF/MP-JWT-ISSUER");
            if (issURL == null) {
                throw new IllegalStateException("No issuedBy parameter was found");
            }
            issuedBy = readURLContent(issURL);
            if (issuedBy == null) {
                throw new IllegalStateException("No issuedBy parameter was found");
            }
            issuedBy = issuedBy.trim();
        }
        String publicKeyPemEnc = properties.get("signerPubKey");
        if (publicKeyPemEnc == null) {
            // Try the /META-INF/MP-JWT-SIGNER content
            URL pkURL = loader.getResource("/META-INF/MP-JWT-SIGNER");
            if (pkURL == null) {
                throw new IllegalStateException("No signerPubKey parameter was found");
            }
            publicKeyPemEnc = readURLContent(pkURL);
        }
        // Work around the double decode issue: https://issues.jboss.org/browse/WFLY-9135
        String publicKeyPem = publicKeyPemEnc.replace(' ', '+');
        contextInfo.setIssuedBy(issuedBy);
        try {
            RSAPublicKey pk = (RSAPublicKey) KeyUtils.decodePublicKey(publicKeyPem);
            contextInfo.setSignerKey(pk);
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    } else {
        contextInfo = optContextInfo.get();
    }
    return new JWTAuthMechanism(contextInfo);
}
Also used: RSAPublicKey (java.security.interfaces.RSAPublicKey), JWTAuthContextInfo (org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTAuthContextInfo), IOException (java.io.IOException), URL (java.net.URL)

Aggregations

JWTAuthContextInfo (org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTAuthContextInfo): 3
RSAPublicKey (java.security.interfaces.RSAPublicKey): 2
IOException (java.io.IOException): 1
URL (java.net.URL): 1
Produces (javax.enterprise.inject.Produces): 1
DeploymentException (javax.enterprise.inject.spi.DeploymentException): 1
DefaultJWTCallerPrincipalFactory (org.wildfly.swarm.microprofile.jwtauth.deployment.principal.DefaultJWTCallerPrincipalFactory): 1
JWTCallerPrincipalFactory (org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTCallerPrincipalFactory): 1