本文整理汇总了Java中com.nimbusds.jwt.JWT类的典型用法代码示例。如果您正苦于以下问题:Java JWT类的具体用法?Java JWT怎么用?Java JWT使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
JWT类属于com.nimbusds.jwt包,在下文中一共展示了JWT类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: implicitWithIdTokenAndToken_minimumParams_isSuccess
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void implicitWithIdTokenAndToken_minimumParams_isSuccess() throws Exception {
BearerAccessToken accessToken = new BearerAccessToken();
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
given(this.clientRepository.findById(any(ClientID.class))).willReturn(implicitWithIdTokenAndTokenClient());
given(this.tokenService.createAccessToken(any(AccessTokenRequest.class))).willReturn(accessToken);
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=id_token token&client_id=test-client&redirect_uri=http://example.com&nonce=test")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound())
.andExpect(redirectedUrlTemplate(
"http://example.com#access_token={accessToken}&id_token={idToken}&token_type=Bearer",
accessToken.getValue(), idToken.serialize()));
}
示例2: implicitWithIdToken_minimumParams_isSuccess
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void implicitWithIdToken_minimumParams_isSuccess() throws Exception {
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
given(this.clientRepository.findById(any(ClientID.class))).willReturn(implicitWithIdTokenClient());
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=id_token&client_id=test-client&redirect_uri=http://example.com&nonce=test")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound())
.andExpect(redirectedUrlTemplate("http://example.com#id_token={idToken}", idToken.serialize()));
}
示例3: implicitWithIdTokenAndToken_withState_isSuccess
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void implicitWithIdTokenAndToken_withState_isSuccess() throws Exception {
BearerAccessToken accessToken = new BearerAccessToken();
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
State state = new State();
given(this.clientRepository.findById(any(ClientID.class))).willReturn(implicitWithIdTokenAndTokenClient());
given(this.tokenService.createAccessToken(any(AccessTokenRequest.class))).willReturn(accessToken);
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=id_token token&client_id=test-client&redirect_uri=http://example.com&nonce=test&state="
+ state.getValue()).session(this.session);
this.mvc.perform(request).andExpect(status().isFound()).andExpect(redirectedUrlTemplate(
"http://example.com#access_token={accessToken}&id_token={idToken}&state={state}&token_type=Bearer",
accessToken.getValue(), idToken.serialize(), state.getValue()));
}
示例4: hybridWithIdTokenAndToken_minimumParams_isSuccess
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void hybridWithIdTokenAndToken_minimumParams_isSuccess() throws Exception {
BearerAccessToken accessToken = new BearerAccessToken();
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
AuthorizationCode authorizationCode = new AuthorizationCode();
given(this.clientRepository.findById(any(ClientID.class))).willReturn(hybridWithIdTokenAndTokenClient());
given(this.tokenService.createAccessToken(any(AccessTokenRequest.class))).willReturn(accessToken);
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
given(this.authorizationCodeService.create(any(AuthorizationCodeContext.class))).willReturn(authorizationCode);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=code id_token token&client_id=test-client&redirect_uri=http://example.com&nonce=test")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound()).andExpect(redirectedUrlTemplate(
"http://example.com#access_token={accessToken}&code={code}&id_token={idToken}&token_type=Bearer",
accessToken.getValue(), authorizationCode.getValue(), idToken.serialize()));
}
示例5: hybridWithIdToken_minimumParams_isSuccess
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void hybridWithIdToken_minimumParams_isSuccess() throws Exception {
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
AuthorizationCode authorizationCode = new AuthorizationCode();
given(this.clientRepository.findById(any(ClientID.class))).willReturn(hybridWithIdTokenClient());
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
given(this.authorizationCodeService.create(any(AuthorizationCodeContext.class))).willReturn(authorizationCode);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=code id_token&client_id=test-client&redirect_uri=http://example.com&nonce=test")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound())
.andExpect(redirectedUrlTemplate("http://example.com#code={code}&id_token={idToken}",
authorizationCode.getValue(), idToken.serialize()));
}
示例6: hybridWithIdTokenAndToken_withState_isSuccess
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void hybridWithIdTokenAndToken_withState_isSuccess() throws Exception {
BearerAccessToken accessToken = new BearerAccessToken();
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
AuthorizationCode authorizationCode = new AuthorizationCode();
State state = new State();
given(this.clientRepository.findById(any(ClientID.class))).willReturn(hybridWithIdTokenAndTokenClient());
given(this.tokenService.createAccessToken(any(AccessTokenRequest.class))).willReturn(accessToken);
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
given(this.authorizationCodeService.create(any(AuthorizationCodeContext.class))).willReturn(authorizationCode);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=code id_token token&client_id=test-client&redirect_uri=http://example.com&nonce=test&state="
+ state.getValue()).session(this.session);
this.mvc.perform(request).andExpect(status().isFound()).andExpect(redirectedUrlTemplate(
"http://example.com#access_token={accessToken}&code={code}&id_token={idToken}&state={state}&token_type=Bearer",
accessToken.getValue(), authorizationCode.getValue(), idToken.serialize(), state.getValue()));
}
示例7: authCode_postAuth_isOk
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void authCode_postAuth_isOk() throws Exception {
ClientID clientId = new ClientID("test-client");
URI redirectUri = URI.create("http://rp.example.com");
AuthorizationCode authorizationCode = new AuthorizationCode();
ClientSecretPost clientAuth = new ClientSecretPost(clientId, new Secret("test-secret"));
TokenRequest tokenRequest = new TokenRequest(URI.create("http://op.example.com"), clientAuth,
new AuthorizationCodeGrant(authorizationCode, redirectUri));
AuthorizationCodeContext context = new AuthorizationCodeContext(new Subject("user"), clientId, redirectUri,
new Scope(OIDCScopeValue.OPENID), Instant.now(), new ACR("1"), AMR.PWD, new SessionID("test"), null,
null, null);
BearerAccessToken accessToken = new BearerAccessToken();
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
given(this.clientRepository.findById(any(ClientID.class)))
.willReturn(client(ClientAuthenticationMethod.CLIENT_SECRET_POST));
given(this.authorizationCodeService.consume(eq(authorizationCode))).willReturn(context);
given(this.tokenService.createAccessToken(any(AccessTokenRequest.class))).willReturn(accessToken);
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
MockHttpServletRequestBuilder request = post("/oauth2/token").content(tokenRequest.toHTTPRequest().getQuery())
.contentType(MediaType.APPLICATION_FORM_URLENCODED);
this.mvc.perform(request).andExpect(status().isOk());
}
示例8: authCode_pkcePlain_isOk
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void authCode_pkcePlain_isOk() throws Exception {
ClientID clientId = new ClientID("test-client");
URI redirectUri = URI.create("http://rp.example.com");
CodeVerifier codeVerifier = new CodeVerifier();
CodeChallengeMethod codeChallengeMethod = CodeChallengeMethod.PLAIN;
AuthorizationCode authorizationCode = new AuthorizationCode();
TokenRequest tokenRequest = new TokenRequest(URI.create("http://op.example.com"), clientId,
new AuthorizationCodeGrant(authorizationCode, redirectUri, codeVerifier));
AuthorizationCodeContext context = new AuthorizationCodeContext(new Subject("user"), clientId, redirectUri,
new Scope(OIDCScopeValue.OPENID), Instant.now(), new ACR("1"), AMR.PWD, new SessionID("test"),
CodeChallenge.compute(codeChallengeMethod, codeVerifier), codeChallengeMethod, null);
BearerAccessToken accessToken = new BearerAccessToken();
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
given(this.clientRepository.findById(any(ClientID.class))).willReturn(client(ClientAuthenticationMethod.NONE));
given(this.authorizationCodeService.consume(eq(authorizationCode))).willReturn(context);
given(this.tokenService.createAccessToken(any(AccessTokenRequest.class))).willReturn(accessToken);
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
MockHttpServletRequestBuilder request = post("/oauth2/token").content(tokenRequest.toHTTPRequest().getQuery())
.contentType(MediaType.APPLICATION_FORM_URLENCODED);
this.mvc.perform(request).andExpect(status().isOk());
}
示例9: authCode_pkceS256_isOk
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Test
public void authCode_pkceS256_isOk() throws Exception {
ClientID clientId = new ClientID("test-client");
URI redirectUri = URI.create("http://rp.example.com");
CodeVerifier codeVerifier = new CodeVerifier();
CodeChallengeMethod codeChallengeMethod = CodeChallengeMethod.S256;
AuthorizationCode authorizationCode = new AuthorizationCode();
TokenRequest tokenRequest = new TokenRequest(URI.create("http://op.example.com"), clientId,
new AuthorizationCodeGrant(authorizationCode, URI.create("http://rp.example.com"), codeVerifier));
AuthorizationCodeContext context = new AuthorizationCodeContext(new Subject("user"), clientId, redirectUri,
new Scope(OIDCScopeValue.OPENID), Instant.now(), new ACR("1"), AMR.PWD, new SessionID("test"),
CodeChallenge.compute(codeChallengeMethod, codeVerifier), codeChallengeMethod, null);
BearerAccessToken accessToken = new BearerAccessToken();
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
given(this.clientRepository.findById(any(ClientID.class))).willReturn(client(ClientAuthenticationMethod.NONE));
given(this.authorizationCodeService.consume(eq(authorizationCode))).willReturn(context);
given(this.tokenService.createAccessToken(any(AccessTokenRequest.class))).willReturn(accessToken);
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
MockHttpServletRequestBuilder request = post("/oauth2/token").content(tokenRequest.toHTTPRequest().getQuery())
.contentType(MediaType.APPLICATION_FORM_URLENCODED);
this.mvc.perform(request).andExpect(status().isOk());
}
示例10: validate
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Override
public IDTokenClaimsSet validate(final JWT idToken, final Nonce expectedNonce) throws BadJOSEException, JOSEException {
try {
if (originalIssuer.contains("%7Btenantid%7D")) {
Object tid = idToken.getJWTClaimsSet().getClaim("tid");
if (tid == null) {
throw new BadJWTException("ID token does not contain the 'tid' claim");
}
base = new IDTokenValidator(new Issuer(originalIssuer.replace("%7Btenantid%7D", tid.toString())),
base.getClientID(), base.getJWSKeySelector(), base.getJWEKeySelector());
base.setMaxClockSkew(getMaxClockSkew());
}
} catch (ParseException e) {
throw new BadJWTException(e.getMessage(), e);
}
return base.validate(idToken, expectedNonce);
}
示例11: getIdToken
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
protected JWT getIdToken(@Nonnull ClientID clientId, @Nullable Nonce nonce, @Nullable AccessTokenHash atHash,
@Nullable CodeHash cHash) throws GeneralSecurityException, JOSEException, ParseException {
JWTClaimsSet claims = getIdTokenClaims(clientId, nonce, atHash, cHash);
RSAKey key = getSigningJwk();
JWSHeader.Builder headerBuilder = new JWSHeader.Builder(JWSAlgorithm.RS256)
.type(JOSEObjectType.JWT);
if (params.getBool(INCLUDE_SIGNING_CERT)) {
headerBuilder = headerBuilder.jwk(key.toPublicJWK());
}
JWSHeader header = headerBuilder.build();
SignedJWT signedJwt = new SignedJWT(header, claims);
JWSSigner signer = new RSASSASigner(key);
signedJwt.sign(signer);
return signedJwt;
}
示例12: encryptIdToken
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
/**
* Encrypt id token.
*
* @param client the client
* @param idClaims the id claims
*/
private JWT encryptIdToken(final ClientDetailsEntity client, final JWTClaimsSet.Builder idClaims) {
log.debug("Locating encrypter service for client {}", client.getClientId());
final JWTEncryptionAndDecryptionService encrypter = encrypters.getEncrypter(client);
if (encrypter == null) {
log.error("Couldn't find encrypter for client: {} ", client.getClientId());
return null;
}
log.debug("Found encrypter service for client {}.", client.getClientId());
final JWTClaimsSet claims = idClaims.build();
final EncryptedJWT idToken = new EncryptedJWT(new JWEHeader(client.getIdTokenEncryptedResponseAlg(),
client.getIdTokenEncryptedResponseEnc()), claims);
log.debug("Encrypting idToken with response alg {} and response encoding {} and claims {}",
client.getIdTokenEncryptedResponseAlg(),
client.getIdTokenEncryptedResponseEnc(), claims.getClaims().keySet());
encrypter.encryptJwt(idToken);
return idToken;
}
示例13: main
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
public static void main(String[] args) throws ParseException {
String principal, group, role = null;
if (args.length != 2 && args.length != 3) {
System.out.println("This is a simple token issuing tool just for kerb-token PoC usage\n");
System.out.println("tokeninit <username> <group> [role]\n");
System.exit(1);
}
principal = args[0];
group = args[1];
if (args.length > 2) {
role = args[2];
}
JWT jwt = issueToken(principal, group, role);
String token = jwt.serialize();
TokenCache.writeToken(token);
System.out.println("Issued token: " + token);
/*
JWT jwt2 = decodeToken(token);
String krbPrincipal = (String) jwt2.getHeader().getCustomParameter("krbPrincipal");
System.out.println("Decoded token with krbprincipal: " + krbPrincipal);
*/
}
示例14: signJWT
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
/**
* Generic Signing function
*
* @param signedJWT
* @param tenantDomain
* @param tenantId
* @return
* @throws IdentityOAuth2Exception
*/
protected JWT signJWT(SignedJWT signedJWT, String tenantDomain, int tenantId)
throws IdentityOAuth2Exception {
if (JWSAlgorithm.RS256.equals(signatureAlgorithm) || JWSAlgorithm.RS384.equals(signatureAlgorithm) ||
JWSAlgorithm.RS512.equals(signatureAlgorithm)) {
return signJWTWithRSA(signedJWT, signatureAlgorithm, tenantDomain, tenantId);
} else if (JWSAlgorithm.HS256.equals(signatureAlgorithm) ||
JWSAlgorithm.HS384.equals(signatureAlgorithm) ||
JWSAlgorithm.HS512.equals(signatureAlgorithm)) {
// return signWithHMAC(payLoad,jwsAlgorithm,tenantDomain,tenantId); implementation
// need to be done
} else if (JWSAlgorithm.ES256.equals(signatureAlgorithm) ||
JWSAlgorithm.ES384.equals(signatureAlgorithm) ||
JWSAlgorithm.ES512.equals(signatureAlgorithm)) {
// return signWithEC(payLoad,jwsAlgorithm,tenantDomain,tenantId); implementation
// need to be done
}
log.error("UnSupported Signature Algorithm");
throw new IdentityOAuth2Exception("UnSupported Signature Algorithm");
}
示例15: authenticate
import com.nimbusds.jwt.JWT; //导入依赖的package包/类
@Override
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
Authentication authenticationResult = authenticationManager
.authenticate(authentication);
if (authenticationResult.isAuthenticated()) {
// validates nonce because JWT is already valid
if (authentication instanceof PoPAuthenticationToken) {
PoPAuthenticationToken popAuthentication = (PoPAuthenticationToken) authentication;
// starts validating nonce here
String nonce = popAuthentication.getNonce();
if (nonce == null) {
throw new UnapprovedClientAuthenticationException(
"This request does not have a valid signed nonce");
}
String token = (String) popAuthentication.getPrincipal();
System.out.println("access token:" + token);
try {
JWT jwt = JWTParser.parse(token);
String publicKey = jwt.getJWTClaimsSet().getClaim("public_key").toString();
JWK jwk = JWK.parse(publicKey);
JWSObject jwsNonce = JWSObject.parse(nonce);
JWSVerifier verifier = new RSASSAVerifier((RSAKey) jwk);
if (!jwsNonce.verify(verifier)) {
throw new InvalidTokenException("Client hasn't possession of given token");
}
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
return authenticationResult;
}