
Example 1 with JwtSigner

Use of org.xdi.oxauth.model.token.JwtSigner in project oxAuth by GluuFederation.

Class CreateRptWS, method createJwr.

private JsonWebResponse createJwr(UmaRPT rpt, String authorization, List<String> gluuAccessTokenScopes) throws Exception {
    // Resolve the grant behind the presented authorization value
    final AuthorizationGrant grant = tokenService.getAuthorizationGrant(authorization);
    // Build a signer for the client that owns the grant
    JwtSigner jwtSigner = JwtSigner.newJwtSigner(appConfiguration, webKeysConfiguration, grant.getClient());
    Jwt jwt = jwtSigner.newJwt();
    // The JWT's validity window mirrors the RPT it represents
    jwt.getClaims().setExpirationTime(rpt.getExpirationDate());
    jwt.getClaims().setIssuedAt(rpt.getCreationDate());
    // Add the "scopes" claim only when there are scopes to report
    if (!gluuAccessTokenScopes.isEmpty()) {
        jwt.getClaims().setClaim("scopes", gluuAccessTokenScopes);
    }
    return jwtSigner.sign();
}
Also used: JwtSigner (org.xdi.oxauth.model.token.JwtSigner), Jwt (org.xdi.oxauth.model.jwt.Jwt), AuthorizationGrant (org.xdi.oxauth.model.common.AuthorizationGrant)

Example 2 with JwtSigner

Use of org.xdi.oxauth.model.token.JwtSigner in project oxAuth by GluuFederation.

Class SessionStateService, method generateJwt.

private Jwt generateJwt(SessionState sessionState, String audience) {
    try {
        JwtSigner jwtSigner = new JwtSigner(appConfiguration, webKeysConfiguration, SignatureAlgorithm.RS512, audience);
        Jwt jwt = jwtSigner.newJwt();
        // claims
        jwt.getClaims().setClaim("id", sessionState.getId());
        jwt.getClaims().setClaim("authentication_time", sessionState.getAuthenticationTime());
        jwt.getClaims().setClaim("user_dn", sessionState.getUserDn());
        jwt.getClaims().setClaim("state", sessionState.getState() != null ? sessionState.getState().getValue() : "");
        jwt.getClaims().setClaim("session_attributes", JwtSubClaimObject.fromMap(sessionState.getSessionAttributes()));
        jwt.getClaims().setClaim("last_used_at", sessionState.getLastUsedAt());
        jwt.getClaims().setClaim("permission_granted", sessionState.getPermissionGranted());
        jwt.getClaims().setClaim("permission_granted_map", JwtSubClaimObject.fromBooleanMap(sessionState.getPermissionGrantedMap().getPermissionGranted()));
        jwt.getClaims().setClaim("involved_clients_map", JwtSubClaimObject.fromBooleanMap(sessionState.getInvolvedClients().getPermissionGranted()));
        // sign
        return jwtSigner.sign();
    } catch (Exception e) {
        log.error("Failed to sign session jwt! " + e.getMessage(), e);
        throw new RuntimeException(e);
    }
}
Also used: JwtSigner (org.xdi.oxauth.model.token.JwtSigner), Jwt (org.xdi.oxauth.model.jwt.Jwt), EmptyEntryPersistenceException (org.gluu.site.ldap.persistence.exception.EmptyEntryPersistenceException), AcrChangedException (org.xdi.oxauth.model.exception.AcrChangedException), LDAPException (com.unboundid.ldap.sdk.LDAPException), EntryPersistenceException (org.gluu.site.ldap.persistence.exception.EntryPersistenceException)

Aggregations

Jwt (org.xdi.oxauth.model.jwt.Jwt): 2
JwtSigner (org.xdi.oxauth.model.token.JwtSigner): 2
LDAPException (com.unboundid.ldap.sdk.LDAPException): 1
EmptyEntryPersistenceException (org.gluu.site.ldap.persistence.exception.EmptyEntryPersistenceException): 1
EntryPersistenceException (org.gluu.site.ldap.persistence.exception.EntryPersistenceException): 1
AuthorizationGrant (org.xdi.oxauth.model.common.AuthorizationGrant): 1
AcrChangedException (org.xdi.oxauth.model.exception.AcrChangedException): 1