本文整理汇总了Java中com.nimbusds.jose.jwk.RSAKey类的典型用法代码示例。如果您正苦于以下问题:Java RSAKey类的具体用法?Java RSAKey怎么用?Java RSAKey使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
RSAKey类属于com.nimbusds.jose.jwk包,在下文中一共展示了RSAKey类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: retrieveUsernamePasswordFromLoginToken
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
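/**
 * Decrypts a login token and returns the credentials it carries.
 *
 * <p>The token is a JWE encrypted to this server's RSA key; its payload is a signed JWT.
 * The signature is checked against the JWK embedded in that JWT's own header. A valid
 * signature therefore only shows that the sender holds the private key matching the
 * embedded key. It does not identify the sender, so the returned credentials still have
 * to be checked by the caller.
 *
 * @param token - the serialized JSON web token from login
 * @return username and password joined by ":" (a ":" inside the username is not escaped),
 *         or {@code null} if the token cannot be parsed, decrypted or verified, or if it
 *         carries no signed JWT or no embedded key
 */
public static String retrieveUsernamePasswordFromLoginToken(String token) {
    try {
        JWEObject jweObject = JWEObject.parse(token);
        // Decrypt with this server's private RSA key
        jweObject.decrypt(new RSADecrypter(RSA_KEYS.getPrivate()));

        // toSignedJWT() yields null when the decrypted payload is not a signed JWT
        SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
        if (signedJWT == null) {
            return null;
        }
        // The "jwk" header is optional; without this guard a token lacking it ends in a
        // NullPointerException, which the catch below does not cover.
        if (signedJWT.getHeader().getJWK() == null) {
            return null;
        }

        // Key supplied by the sender inside the token, not a key this server already trusts
        RSAKey senderKey = RSAKey.parse(signedJWT.getHeader().getJWK().toJSONObject());
        if (signedJWT.verify(new RSASSAVerifier(senderKey))) {
            String username = signedJWT.getJWTClaimsSet().getSubject();
            String password = signedJWT.getJWTClaimsSet().getStringClaim("password");
            // The result contains a clear-text password: callers must not log or persist it
            return username + ":" + password;
        }
    } catch (ParseException | JOSEException e) {
        LOGGER.error(e);
    }
    return null;
}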
示例2: makeRSA
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Generates a fresh RSA key pair and wraps it as a JWK that contains both halves.
 *
 * <p>{@code keySize} goes to the generator unchecked, so the caller decides the key
 * strength; pass at least 2048 bits for keys that protect real data. The returned JWK
 * holds the private key, so publish only its public form.
 *
 * @param keySize modulus size in bits; must not be {@code null} (it is unboxed)
 * @param keyUse  intended use recorded in the JWK
 * @param keyAlg  algorithm recorded in the JWK
 * @param kid     key ID recorded in the JWK
 * @return the key pair as an {@link RSAKey}, or {@code null} if no RSA generator is available
 */
public RSAKey makeRSA(Integer keySize, KeyUse keyUse, Algorithm keyAlg, String kid) {
    final KeyPair pair;
    try {
        KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance("RSA");
        rsaGenerator.initialize(keySize);
        pair = rsaGenerator.generateKeyPair();
    } catch (NoSuchAlgorithmException e) {
        // FIXME Auto-generated catch block
        e.printStackTrace();
        return null;
    }

    RSAPublicKey publicHalf = (RSAPublicKey) pair.getPublic();
    RSAPrivateKey privateHalf = (RSAPrivateKey) pair.getPrivate();
    RSAKey.Builder jwkBuilder = new RSAKey.Builder(publicHalf);
    jwkBuilder.privateKey(privateHalf);
    jwkBuilder.keyUse(keyUse);
    jwkBuilder.algorithm(keyAlg);
    jwkBuilder.keyID(kid);
    return jwkBuilder.build();
}
示例3: make
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Creates a new RSA key pair and returns it as a JWK with the given metadata.
 *
 * <p>The bit length is not validated here; the caller is responsible for requesting a
 * size that is still considered strong (2048 bits or more). The result includes the
 * private key.
 *
 * @param keySize modulus size in bits (unboxed, so {@code null} is not accepted)
 * @param keyUse  value for the JWK "use" parameter
 * @param keyAlg  value for the JWK "alg" parameter
 * @param kid     value for the JWK "kid" parameter
 * @return the generated {@link RSAKey}, or {@code null} when the platform has no RSA generator
 */
private static RSAKey make(Integer keySize, KeyUse keyUse, Algorithm keyAlg, String kid) {
    KeyPairGenerator rsa;
    try {
        rsa = KeyPairGenerator.getInstance("RSA");
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
        return null;
    }
    rsa.initialize(keySize);
    KeyPair generated = rsa.generateKeyPair();

    RSAPublicKey publicPart = (RSAPublicKey) generated.getPublic();
    RSAPrivateKey privatePart = (RSAPrivateKey) generated.getPrivate();
    return new RSAKey.Builder(publicPart)
            .privateKey(privatePart)
            .keyUse(keyUse)
            .algorithm(keyAlg)
            .keyID(kid)
            .build();
}
示例4: getIdToken
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Builds an RS256-signed ID token for the given client.
 *
 * <p>When the {@code INCLUDE_SIGNING_CERT} parameter is set, the public form of the
 * signing key is embedded in the JWS header. A relying party that verifies the token
 * with that embedded key, instead of a key obtained from the issuer out of band, accepts
 * tokens signed by anyone.
 *
 * @param clientId client the token is issued for
 * @param nonce    nonce passed on to the claims, may be {@code null}
 * @param atHash   access token hash passed on to the claims, may be {@code null}
 * @param cHash    code hash passed on to the claims, may be {@code null}
 * @return the signed JWT
 * @throws GeneralSecurityException declared by the method; see the helpers it calls
 * @throws JOSEException            if signing fails
 * @throws ParseException           declared by the method; see the helpers it calls
 */
protected JWT getIdToken(@Nonnull ClientID clientId, @Nullable Nonce nonce, @Nullable AccessTokenHash atHash,
        @Nullable CodeHash cHash) throws GeneralSecurityException, JOSEException, ParseException {
    JWTClaimsSet idTokenClaims = getIdTokenClaims(clientId, nonce, atHash, cHash);
    RSAKey signingKey = getSigningJwk();

    JWSHeader.Builder header = new JWSHeader.Builder(JWSAlgorithm.RS256);
    header.type(JOSEObjectType.JWT);
    boolean embedKey = params.getBool(INCLUDE_SIGNING_CERT);
    if (embedKey) {
        // toPublicJWK() strips the private parameters before the key goes into the header
        header.jwk(signingKey.toPublicJWK());
    }

    SignedJWT idToken = new SignedJWT(header.build(), idTokenClaims);
    idToken.sign(new RSASSASigner(signingKey));
    return idToken;
}
示例5: getSigningJwk
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Converts the selected key-store signing entry into an RS256 JWK.
 *
 * <p>The entry is picked by {@code supplyHonestOrEvil} from the honest or the evil OP
 * configuration. The returned JWK contains the private key and the Base64-encoded
 * certificate chain, so it must be reduced with {@code toPublicJWK()} before it is
 * exposed to other parties.
 *
 * @return the signing key including its private part
 * @throws IllegalArgumentException if a certificate of the chain cannot be encoded
 */
protected RSAKey getSigningJwk() {
    KeyStore.PrivateKeyEntry signingEntry =
            supplyHonestOrEvil(opivCfg::getHonestOPSigningEntry, opivCfg::getEvilOPSigningEntry);

    RSAPublicKey publicPart = (RSAPublicKey) signingEntry.getCertificate().getPublicKey();
    RSAPrivateKey privatePart = (RSAPrivateKey) signingEntry.getPrivateKey();

    // x5c expects every certificate of the chain as Base64-encoded DER
    List<Base64> encodedChain = Arrays.stream(signingEntry.getCertificateChain())
            .map(cert -> {
                try {
                    return Base64.encode(cert.getEncoded());
                } catch (CertificateEncodingException e) {
                    throw new IllegalArgumentException("Failed to encode certificate.", e);
                }
            })
            .collect(Collectors.toList());

    return new RSAKey.Builder(publicPart)
            .privateKey(privatePart)
            .x509CertChain(encodedChain)
            .algorithm(JWSAlgorithm.RS256)
            .build();
}
示例6: verifyPropertiesWithSignature
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Checks a Base64-encoded RSA signature over a sorted set of properties.
 *
 * <p>NOTE(review): the signature scheme is {@code SHA1withRSA}. SHA-1 is no longer
 * considered collision resistant; moving to a SHA-2 based scheme needs a coordinated
 * change on the signing side, so it is only flagged here.
 *
 * @param data - the data, a sorted Map of Strings
 * @param base64Signature - the signature, Base64 encoded
 * @param jwk - the public key; must be an RSA JWK
 * @return true if the signature matches the properties; false if it does not match or if
 *         any error occurs (wrong key type, malformed Base64, ...), which is logged
 */
public static boolean verifyPropertiesWithSignature(SortedMap<String, String> data, String base64Signature,
        JWK jwk) {
    try {
        String canonicalMessage = generateMessagesFromProperties(data);

        Signature verifier = Signature.getInstance("SHA1withRSA");
        RSAKey rsaJwk = (RSAKey) jwk;
        verifier.initVerify(rsaJwk.toRSAPublicKey());

        byte[] signedBytes = canonicalMessage.getBytes(StandardCharsets.ISO_8859_1);
        verifier.update(signedBytes);

        byte[] rawSignature = Base64.getDecoder().decode(base64Signature);
        return verifier.verify(rawSignature);
    } catch (Exception e) {
        // Any failure counts as "not verified"
        LOGGER.error(e);
        return false;
    }
}
示例7: retrievePublicKeyFromLoginToken
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
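/**
 * Decrypts a login token and returns the client public key embedded in it.
 *
 * <p>The key is read from the header of the signed JWT inside the JWE, and the JWT's
 * signature is verified with that same key. Success therefore proves that the sender
 * holds the matching private key. It does not prove who the sender is, so the returned
 * key is self-asserted until it is bound to an authenticated user.
 *
 * @param token - the serialized JSON Web Token from login
 * @return the public key as JWK object, or {@code null} if the token cannot be parsed,
 *         decrypted or verified, or if it carries no signed JWT or no embedded key
 */
public static JWK retrievePublicKeyFromLoginToken(String token) {
    try {
        JWEObject jweObject = JWEObject.parse(token);
        // Decrypt with this server's private RSA key
        jweObject.decrypt(new RSADecrypter(RSA_KEYS.getPrivate()));

        // toSignedJWT() yields null when the decrypted payload is not a signed JWT
        SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
        if (signedJWT == null) {
            return null;
        }

        // The "jwk" header is optional; without this guard a token lacking it ends in a
        // NullPointerException, which the catch below does not cover.
        JWK embeddedKey = signedJWT.getHeader().getJWK();
        if (embeddedKey == null) {
            return null;
        }

        RSAKey publicKey = RSAKey.parse(embeddedKey.toJSONObject());
        if (signedJWT.verify(new RSASSAVerifier(publicKey))) {
            return embeddedKey;
        }
    } catch (ParseException | JOSEException e) {
        LOGGER.error(e);
    }
    return null;
}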
示例8: createEmptyJWTwithPublicKey
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Creates a JSON Web Token that carries only issuer, token ID and issue time, with the
 * server's public key embedded in the header.
 *
 * <p>NOTE(review): a signing failure is only logged, and the token is then returned in
 * its unsigned state. The key ID is a fresh random UUID on every call, so it cannot be
 * used to recognise the server key across tokens.
 *
 * @param webAppBaseURL - the base url of the application, used as issuer
 *
 * @return the JSON Web Token (unsigned if signing failed)
 */
public static SignedJWT createEmptyJWTwithPublicKey(String webAppBaseURL) {
    ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);

    JWTClaimsSet.Builder claimsBuilder = new JWTClaimsSet.Builder();
    claimsBuilder.issuer(webAppBaseURL);
    claimsBuilder.jwtID(UUID.randomUUID().toString());
    claimsBuilder.issueTime(Date.from(now.toInstant()));
    JWTClaimsSet claims = claimsBuilder.build();

    // Only the public half of the server key pair goes into the header
    String keyID = UUID.randomUUID().toString();
    RSAPublicKey serverPublicKey = (RSAPublicKey) RSA_KEYS.getPublic();
    JWK headerKey = new RSAKey.Builder(serverPublicKey).keyID(keyID).build();

    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).jwk(headerKey).build();
    SignedJWT emptyToken = new SignedJWT(header, claims);
    try {
        emptyToken.sign(new RSASSASigner(RSA_KEYS.getPrivate()));
    } catch (JOSEException e) {
        LOGGER.error(e);
    }
    return emptyToken;
}
示例9: createJWT
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
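/**
 * Creates a signed JSON Web Token with user id, roles and client public key.
 *
 * <p>The token expires {@code EXPIRATION_TIME_MINUTES} after issue time and its
 * not-before time lies the same number of minutes before issue time. The server's
 * public key is embedded in the header under a random key ID.
 *
 * <p>The serialized token is a bearer credential and is deliberately not written to
 * standard output or the log.
 *
 * @param user - the user that should be returned
 * @param roles - the roles that should be returned
 * @param webAppBaseURL - the base url of the application
 * @param clientPublicKey - the client public key as JSON Web Key
 *
 * @return the signed JSON Web Token
 * @throws IllegalStateException if the token cannot be signed
 */
public static SignedJWT createJWT(String user, List<String> roles, String webAppBaseURL, JWK clientPublicKey) {
    ZonedDateTime currentTime = ZonedDateTime.now(ZoneOffset.UTC);
    JWTClaimsSet claims = new JWTClaimsSet.Builder()
            .issuer(webAppBaseURL)
            .jwtID(UUID.randomUUID().toString())
            .expirationTime(Date.from(currentTime.plusMinutes(EXPIRATION_TIME_MINUTES).toInstant()))
            .issueTime(Date.from(currentTime.toInstant()))
            .notBeforeTime(Date.from(currentTime.minusMinutes(EXPIRATION_TIME_MINUTES).toInstant()))
            .subject(user)
            // additional claims about the subject can be added here;
            // multi-valued claims work too and will end up as a JSON array
            .claim("roles", roles)
            .claim("sub_jwk", clientPublicKey)
            .build();

    String keyID = UUID.randomUUID().toString();
    JWK jwk = new RSAKey.Builder((RSAPublicKey) RSA_KEYS.getPublic()).keyID(keyID).build();
    JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256).jwk(jwk).build();
    SignedJWT signedJWT = new SignedJWT(jwsHeader, claims);
    try {
        signedJWT.sign(new RSASSASigner(RSA_KEYS.getPrivate()));
    } catch (JOSEException e) {
        LOGGER.error(e);
        // The old code serialized the token for a debug print right after this point,
        // which fails with IllegalStateException on an unsigned token. The exception
        // type is kept so that an unsigned token is still never handed to the caller.
        throw new IllegalStateException("Could not sign JSON Web Token", e);
    }
    return signedJWT;
}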
示例10: main
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Demo entry point: prints one token per sample subject.
 *
 * <p>The subjects, API keys and roles are hard-coded sample data. For each subject the
 * file {@code <apiKey>.jwk} is read and parsed, its key ID is used as the API key passed
 * to {@code createToken}, and the resulting token is printed to standard output.
 * NOTE(review): the parsed JWK is handed to createToken as an RSAKey; if it is used for
 * signing, those .jwk files contain private key material and need to be protected
 * accordingly. Confirm against createToken.
 *
 * @param args unused
 */
public static void main(String[] args) {
    // user name -> apiKey/roles
    Map<String, Info> subjects = new HashMap<>();
    subjects.put("Rudy", new Info("49c2b80f-12a5-4464-abad-152cc2cacedb", newRoles("user", "manager")));
    subjects.put("Soteria", new Info("0a1726c7-068a-4de0-ac64-d27a52cbfce2", newRoles("user")));

    System.out.println("Correct tokens");

    for (Map.Entry<String, Info> entry : subjects.entrySet()) {
        String subject = entry.getKey();
        Info details = entry.getValue();
        String jwkJson = readFile(details.getApiKey() + ".jwk");
        try {
            JWK parsedJwk = JWK.parse(jwkJson);
            String apiKey = parsedJwk.getKeyID();
            System.out.println("Subject = " + subject + " -> token = " + createToken(subject, (RSAKey) parsedJwk, apiKey, details.getRoles()));
        } catch (ParseException | JOSEException e) {
            e.printStackTrace();
        }
    }
}
示例11: make
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Generates an RSA key pair of the requested size and returns it as a JWK.
 *
 * <p>No lower bound is enforced on {@code keySize}; choosing an adequate size (2048 bits
 * or more) is left to the caller. The returned JWK contains the private key.
 *
 * @param keySize modulus size in bits; unboxed, so {@code null} is rejected with an NPE
 * @param keyUse  use recorded in the JWK
 * @param keyAlg  algorithm recorded in the JWK
 * @param kid     key ID recorded in the JWK
 * @return the new {@link RSAKey}, or {@code null} if the RSA algorithm is unavailable
 */
private static RSAKey make(Integer keySize, KeyUse keyUse, Algorithm keyAlg, String kid) {
    KeyPair keyPair;
    try {
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
        keyGen.initialize(keySize);
        keyPair = keyGen.generateKeyPair();
    } catch (NoSuchAlgorithmException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
        return null;
    }

    RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
    RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
    RSAKey.Builder jwk = new RSAKey.Builder(publicKey).privateKey(privateKey);
    jwk.keyUse(keyUse).algorithm(keyAlg);
    jwk.keyID(kid);
    return jwk.build();
}
示例12: setCredential
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
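/**
 * Set the credential to be resolved as JSON.
 *
 * <p>Only the public key of the credential is converted; the resulting JWK is built from
 * an {@link RSAPublicKey} and never receives private key material. Key ID and algorithm
 * are taken over when the credential is a {@code JWKCredential}.
 *
 * @param credential What to set. Must not be null and must carry an RSA public key.
 * @throws ConstraintViolationException if the credential is null, has no public key, or
 *         its public key is not an RSA key
 */
public void setCredential(final Credential credential) {
    Constraint.isNotNull(credential, "Credential cannot be null!");
    final PublicKey publicKey = credential.getPublicKey();
    String kid = credential instanceof JWKCredential ? ((JWKCredential) credential).getKid() : null;
    final KeyUse use;
    switch (credential.getUsageType()) {
        case SIGNING:
            use = KeyUse.SIGNATURE;
            break;
        case ENCRYPTION:
            use = KeyUse.ENCRYPTION;
            break;
        default:
            // Any other usage type leaves the JWK "use" parameter unset
            use = null;
    }
    if (!(publicKey instanceof RSAPublicKey)) {
        // TODO: support other algorithms
        // publicKey is null for credentials without a public key; guard the accessor so
        // that case reports the constraint violation instead of a NullPointerException.
        log.warn("Unsupported public key {}", publicKey == null ? null : publicKey.getAlgorithm());
        throw new ConstraintViolationException("Unsupported public key algorithm");
    }
    final RSAKey.Builder builder = new RSAKey.Builder((RSAPublicKey) publicKey).keyID(kid).keyUse(use);
    if (credential instanceof JWKCredential) {
        builder.algorithm(((JWKCredential) credential).getAlgorithm());
    }
    final JWK jwk = builder.build();
    jsonCredential = jwk.toJSONObject();
}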
示例13: getJWK
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Loads the RSA key stored under an alias in this object's key store.
 *
 * <p>The password arrives as a {@code String} and is converted to a {@code char[]} only
 * for the call. On failure only the exception message is logged.
 * NOTE(review): a JWK loaded from a private-key entry presumably includes the private
 * key, so reduce it to its public form before exposing it. Confirm against the callers.
 *
 * @param keyAlias the key alias
 * @param keyPwd the key password; must not be {@code null}
 * @return the RSAKey as returned by {@code RSAKey.load}, or {@code null} if loading
 *         raised a key store or JOSE error
 */
public RSAKey getJWK(String keyAlias,String keyPwd) {
    try {
        return RSAKey.load(keyStore, keyAlias, keyPwd.toCharArray());
    } catch (KeyStoreException | JOSEException e) {
        logger.error(e.getMessage());
        return null;
    }
}
示例14: createKey
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
/**
 * Generates an RSA signature key from the values entered in the form, adds it to the JWK
 * set, and reopens the JWK view.
 *
 * <p>The key size is parsed from the {@code keySize} control and handed on without a
 * range check, so a weak size typed by the user is accepted as is.
 * NOTE(review): if {@code makeRSA} reports failure by returning null, that null is added
 * to {@code jwkSetData}. Confirm.
 */
private void createKey() {
    RSAKeyFactory rsaFactory = new RSAKeyFactory();
    // FIXME Not only RSA and Signature
    Integer requestedBits = Integer.valueOf(keySize.getValue());
    Algorithm signatureAlg = new Algorithm("PS512");
    RSAKey generatedKey = rsaFactory.makeRSA(requestedBits, KeyUse.SIGNATURE, signatureAlg, id.getValue());
    jwkSetData.add(generatedKey);

    JWKView refreshedView = new JWKView(primaryStage, rootPane, jwkSetData);
    refreshedView.initialize();
}
示例15: authenticate
import com.nimbusds.jose.jwk.RSAKey; //导入依赖的package包/类
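/**
 * Authenticates through the delegate manager and, for proof-of-possession tokens,
 * additionally checks that the request's nonce was signed with the key bound to the
 * access token.
 *
 * <p>The verification key is read from the {@code public_key} claim of the access token,
 * which the delegate has already validated. The access token itself is a bearer
 * credential and is not written to standard output or the log.
 *
 * <p>NOTE(review): only the signature of the nonce is verified here. Its payload is not
 * compared with a server-issued or previously unseen value, so unless that happens
 * elsewhere a captured signed nonce could be presented again.
 *
 * @param authentication the authentication request
 * @return the result of the delegate authentication manager
 * @throws AuthenticationException if the delegate rejects the request or the nonce is missing
 * @throws InvalidTokenException   if the token carries no usable RSA key or the nonce
 *         signature does not verify
 * @throws RuntimeException        wrapping any parsing or verification error
 */
@Override
public Authentication authenticate(Authentication authentication)
        throws AuthenticationException {
    Authentication authenticationResult = authenticationManager
            .authenticate(authentication);

    if (!authenticationResult.isAuthenticated()
            || !(authentication instanceof PoPAuthenticationToken)) {
        return authenticationResult;
    }

    // validates nonce because JWT is already valid
    PoPAuthenticationToken popAuthentication = (PoPAuthenticationToken) authentication;
    String nonce = popAuthentication.getNonce();
    if (nonce == null) {
        throw new UnapprovedClientAuthenticationException(
                "This request does not have a valid signed nonce");
    }

    String token = (String) popAuthentication.getPrincipal();
    try {
        JWT jwt = JWTParser.parse(token);
        Object publicKeyClaim = jwt.getJWTClaimsSet().getClaim("public_key");
        // A missing claim or a non-RSA key is a rejected token, not an internal error
        JWK jwk = publicKeyClaim == null ? null : JWK.parse(publicKeyClaim.toString());
        if (!(jwk instanceof RSAKey)) {
            throw new InvalidTokenException("Access token does not carry a usable RSA public key");
        }
        JWSObject jwsNonce = JWSObject.parse(nonce);
        JWSVerifier verifier = new RSASSAVerifier((RSAKey) jwk);
        if (!jwsNonce.verify(verifier)) {
            throw new InvalidTokenException("Client hasn't possession of given token");
        }
    } catch (InvalidTokenException e) {
        // Let the rejection reach the caller as-is instead of wrapping it below
        throw e;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    return authenticationResult;
}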