当前位置: 首页>>代码示例>>Java>>正文


Java JWSVerifier类代码示例

本文整理汇总了Java中com.nimbusds.jose.JWSVerifier的典型用法代码示例。如果您正苦于以下问题:Java JWSVerifier类的具体用法?Java JWSVerifier怎么用?Java JWSVerifier使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


JWSVerifier类属于com.nimbusds.jose包,在下文中一共展示了JWSVerifier类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: readSignedJWT

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
private <T> JWTData<T> readSignedJWT(String data, KeySelector keySelector, Class<T> classType, JWTVerifier verifier) throws ParseException, JOSEException {
    SignedJWT signedJWT = SignedJWT.parse(data);

    String keyID = signedJWT.getHeader().getKeyID();
    Key key = keySelector.selectSecretKey(keyID);
    if (key == null) {
        throw new InvalidJWTException(String.format("No key found for %s", keyID));
    }

    JWSVerifier jwsVerifier = jwsVerifierFactory.createJWSVerifier(signedJWT.getHeader(), key);

    if (!signedJWT.verify(jwsVerifier)) {
        throw new InvalidJWTException("JWT Signature verification failed");
    }

    if (verifier != null) {
        if (!verifier.verify(signedJWT.getHeader(), signedJWT.getJWTClaimsSet())) {
            throw new InvalidJWTException("JWT verification failed");
        }
    }
    MetaJWTData metaJWTData = new MetaJWTData(keyID, signedJWT.getHeader().getCustomParams());

    return readJSONString(signedJWT.getPayload().toString(), classType, metaJWTData);
}
 
开发者ID:atbashEE,项目名称:atbash-octopus,代码行数:25,代码来源:JWTDecoder.java

示例2: testRolesEndpointToJWTString

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
/**
 *
 * @throws Exception
 */
@Test
public void testRolesEndpointToJWTString() throws Exception {
    // Transform the JSON content into a signed JWT
    String jwt = TokenUtils.generateTokenString("/Token1.json");
    System.out.println(jwt);
    /* Note that if you try to validate this token string via jwt.io debugger, you need to take the
    /publicKey.pem contents, and use
    -----BEGIN PUBLIC KEY-----
    ...
    -----END PUBLIC KEY-----

    rather than the:
    -----BEGIN RSA PUBLIC KEY-----
    ...
    -----END RSA PUBLIC KEY-----

    in the file.
    */

    // Validate the string via Nimbus
    SignedJWT signedJWT = SignedJWT.parse(jwt);
    PublicKey publicKey = TokenUtils.readPublicKey("/publicKey.pem");
    Assert.assertTrue(publicKey instanceof RSAPublicKey, "publicKey isa RSAPublicKey");
    JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey)publicKey);
    Assert.assertTrue(signedJWT.verify(verifier));
}
 
开发者ID:eclipse,项目名称:microprofile-jwt-auth,代码行数:31,代码来源:TokenUtilsTest.java

示例3: validateSignature

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
/**
 * Verify the signature of the JWT token in this method. This method depends
 * on the public key that was established during init based upon the
 * provisioned public key. Override this method in subclasses in order to
 * customize the signature verification behavior.
 *
 * @param jwtToken the token that contains the signature to be validated
 * @return valid true if signature verifies successfully; false otherwise
 */
protected boolean validateSignature(SignedJWT jwtToken) {
  boolean valid = false;
  if (JWSObject.State.SIGNED == jwtToken.getState()) {
    LOG.debug("JWT token is in a SIGNED state");
    if (jwtToken.getSignature() != null) {
      LOG.debug("JWT token signature is not null");
      try {
        JWSVerifier verifier = new RSASSAVerifier(publicKey);
        if (jwtToken.verify(verifier)) {
          valid = true;
          LOG.debug("JWT token has been successfully verified");
        } else {
          LOG.warn("JWT signature verification failed.");
        }
      } catch (JOSEException je) {
        LOG.warn("Error while validating signature", je);
      }
    }
  }
  return valid;
}
 
开发者ID:aliyun-beta,项目名称:aliyun-oss-hadoop-fs,代码行数:31,代码来源:JWTRedirectAuthenticationHandler.java

示例4: parseAndVerifyToken

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
public SignedJWT parseAndVerifyToken(String jwtString) throws WebApiClientException {
    try {
        SignedJWT signedJWT = SignedJWT.parse(jwtString);

        JWSVerifier verifier = new RSASSAVerifier(jwtConfig.getRSAPublicKey());
        if (signedJWT.verify(verifier)) {
            JWTClaimsSet claimsSet = signedJWT.getJWTClaimsSet();
            if (claimsSet.getAudience().contains(jwtConfig.getServiceUUID()) &&
                    claimsSet.getIssuer().equalsIgnoreCase(JwtUtil.ISSUER)) {
                return signedJWT;
            }
        }
    } catch (ParseException | JOSEException e) {
        throw new WebApiClientException(e.getMessage());
    }
    throw new WebApiClientException("Authorization token cannot be verified");
}
 
开发者ID:vrk-kpa,项目名称:roles-auths-client,代码行数:18,代码来源:JwtUtil.java

示例5: verifySignature

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
public static boolean verifySignature( String token, String sharedKey )
{
    boolean verifiedSignature = false;

    try
    {
        JWSObject jwsObject = JWSObject.parse( token );
        JWSVerifier verifier = new MACVerifier( sharedKey.getBytes() );
        verifiedSignature = jwsObject.verify( verifier );
    }
    catch ( Exception e )
    {
        LOG.warn( e.getMessage() );
    }

    return verifiedSignature;
}
 
开发者ID:subutai-io,项目名称:base,代码行数:18,代码来源:TokenUtil.java

示例6: verifyTokenRSA

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
public static boolean verifyTokenRSA( PublicKey pKey, String token )
{
    try
    {
        Payload pl = new Payload( token );
        JWSObject jwsObject = new JWSObject( new JWSHeader( JWSAlgorithm.RS256 ), pl );
        JWSVerifier verifier = new RSASSAVerifier( ( RSAPublicKey ) pKey );

        return jwsObject.verify( verifier );
    }
    catch ( JOSEException e )
    {
        LOG.warn( "Error verifying RSA token", e.getMessage() );

        return false;
    }
}
 
开发者ID:subutai-io,项目名称:base,代码行数:18,代码来源:TokenUtil.java

示例7: validateSignature

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
protected boolean validateSignature(SignedJWT jwtToken) {
  boolean valid = false;
  if (JWSObject.State.SIGNED == jwtToken.getState()) {

    if (jwtToken.getSignature() != null) {

      try {
        RSAPublicKey publicKey = parseRSAPublicKey(publicKeyPath);
        JWSVerifier verifier = new RSASSAVerifier(publicKey);
        if (verifier != null && jwtToken.verify(verifier)) {
          valid = true;
        }
      } catch (Exception e) {
        LOGGER.info("Exception in validateSignature", e);
      }
    }
  }
  return valid;
}
 
开发者ID:apache,项目名称:zeppelin,代码行数:20,代码来源:KnoxJwtRealm.java

示例8: verifySignature

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
private boolean verifySignature(String jwt) {
    try {
        SignedJWT signedJWT = SignedJWT.parse(jwt);
        if (new Date().before(signedJWT.getJWTClaimsSet().getExpirationTime())) {
            JWSVerifier verifier =
                    new RSASSAVerifier((RSAPublicKey) getPublicKey(KEYSTORE, KEYSTORE_PASSWORD, ALIAS));
            return signedJWT.verify(verifier);
        } else {
            log.info("Token has expired");
        }
    } catch (ParseException | IOException | KeyStoreException | CertificateException |
            NoSuchAlgorithmException | UnrecoverableKeyException | JOSEException e) {
        log.error("Error occurred while JWT signature verification. JWT=" + jwt, e);
    }
    return false;
}
 
开发者ID:wso2,项目名称:msf4j,代码行数:17,代码来源:JWTSecurityInterceptor.java

示例9: validToken

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
@Test
public void validToken() throws JOSEException, ParseException {
    JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(), new Date(new Date().getTime() + 100000));

    JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);

    Payload payload = new Payload(jwtClaims.toJSONObject());

    JWSObject jwsObject = new JWSObject(header, payload);

    JWSSigner signer = new MACSigner(sharedKey);
    jwsObject.sign(signer);
    String token = jwsObject.serialize();

    SignedJWT signed = SignedJWT.parse(token);
    JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
    signed.verify(verifier);

    Assert.assertTrue("Must be valid", signed.verify(verifier));
}
 
开发者ID:panchitoboy,项目名称:shiro-jwt,代码行数:21,代码来源:MACVerifierExtendedTest.java

示例10: invalidTokenNotBeforeTime

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
@Test
public void invalidTokenNotBeforeTime() throws JOSEException, ParseException {
    JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(new Date().getTime() + 100000), new Date(new Date().getTime() + 200000));

    JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);

    Payload payload = new Payload(jwtClaims.toJSONObject());

    JWSObject jwsObject = new JWSObject(header, payload);

    JWSSigner signer = new MACSigner(sharedKey);
    jwsObject.sign(signer);
    String token = jwsObject.serialize();

    SignedJWT signed = SignedJWT.parse(token);
    JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
    signed.verify(verifier);

    Assert.assertFalse("Must be invalid", signed.verify(verifier));
}
 
开发者ID:panchitoboy,项目名称:shiro-jwt,代码行数:21,代码来源:MACVerifierExtendedTest.java

示例11: invalidTokenExpirationTime

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
@Test
public void invalidTokenExpirationTime() throws JOSEException, ParseException {
    JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(), new Date());

    JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);

    Payload payload = new Payload(jwtClaims.toJSONObject());

    JWSObject jwsObject = new JWSObject(header, payload);

    JWSSigner signer = new MACSigner(sharedKey);
    jwsObject.sign(signer);
    String token = jwsObject.serialize();

    SignedJWT signed = SignedJWT.parse(token);
    JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
    signed.verify(verifier);

    Assert.assertFalse("Must be invalid", signed.verify(verifier));
}
 
开发者ID:panchitoboy,项目名称:shiro-jwt,代码行数:21,代码来源:MACVerifierExtendedTest.java

示例12: extractAppIdFromIdToken

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
private String extractAppIdFromIdToken(String token) {
    String appId = null;
    KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
    try {
        keyStoreManager.getDefaultPrimaryCertificate();
        JWSVerifier verifier =
                new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
        SignedJWT jwsObject = SignedJWT.parse(token);
        if (jwsObject.verify(verifier)) {
            appId = jwsObject.getJWTClaimsSet().getStringClaim("appId");
        }

    } catch (Exception e) {
        String message = "Could not extract application id from id token";
        log.error(message, e);
    }
    return appId;
}
 
开发者ID:apache,项目名称:stratos,代码行数:19,代码来源:OAuthHandler.java

示例13: isValidJWToken

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
/**
 * Validates a JWT token.
 * @param secret secret used for generating the token
 * @param jwt token to validate
 * @return true if token is valid
 */
public static boolean isValidJWToken(String secret, SignedJWT jwt) {
	try {
		if (secret != null && jwt != null) {
			JWSVerifier verifier = new MACVerifier(secret);
			if (jwt.verify(verifier)) {
				Date referenceTime = new Date();
				JWTClaimsSet claims = jwt.getJWTClaimsSet();

				Date expirationTime = claims.getExpirationTime();
				Date notBeforeTime = claims.getNotBeforeTime();
				boolean expired = expirationTime == null || expirationTime.before(referenceTime);
				boolean notYetValid = notBeforeTime == null || notBeforeTime.after(referenceTime);

				return !(expired || notYetValid);
			}
		}
	} catch (JOSEException e) {
		logger.warn(null, e);
	} catch (ParseException ex) {
		logger.warn(null, ex);
	}
	return false;
}
 
开发者ID:Erudika,项目名称:para,代码行数:30,代码来源:SecurityUtils.java

示例14: testSuccessMessage

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
private void testSuccessMessage(JWSVerifier verifier) throws ComponentInitializationException, URISyntaxException,
        JOSEException, ParseException {
    setIdTokenToResponseContext("iss", "sub", "aud", new Date(), new Date());
    final Event event = action.execute(requestCtx);
    ActionTestingSupport.assertProceedEvent(event);
    Assert.assertNotNull(respCtx.getSignedIDToken());
    Assert.assertTrue(respCtx.getSignedIDToken().verify(verifier));

}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:10,代码来源:SignIDTokenTest.java

示例15: authenticate

import com.nimbusds.jose.JWSVerifier; //导入依赖的package包/类
@Override
public Authentication authenticate(Authentication authentication)
    throws AuthenticationException {
    Authentication authenticationResult = authenticationManager
        .authenticate(authentication);

    if (authenticationResult.isAuthenticated()) {
        // validates nonce because JWT is already valid
        if (authentication instanceof PoPAuthenticationToken) {
            PoPAuthenticationToken popAuthentication = (PoPAuthenticationToken) authentication;

            // starts validating nonce here
            String nonce = popAuthentication.getNonce();
            if (nonce == null) {
                throw new UnapprovedClientAuthenticationException(
                    "This request does not have a valid signed nonce");
            }

            String token = (String) popAuthentication.getPrincipal();

            System.out.println("access token:" + token);

            try {
                JWT jwt = JWTParser.parse(token);
                String publicKey = jwt.getJWTClaimsSet().getClaim("public_key").toString();
                JWK jwk = JWK.parse(publicKey);

                JWSObject jwsNonce = JWSObject.parse(nonce);
                JWSVerifier verifier = new RSASSAVerifier((RSAKey) jwk);
                if (!jwsNonce.verify(verifier)) {
                    throw new InvalidTokenException("Client hasn't possession of given token");
                }
            } catch (Exception e) {
                throw new RuntimeException(e);
            }

        }
    }

    return authenticationResult;
}
 
开发者ID:PacktPublishing,项目名称:OAuth-2.0-Cookbook,代码行数:42,代码来源:PoPAuthenticationManager.java


注:本文中的com.nimbusds.jose.JWSVerifier类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。