本文整理汇总了Java中org.jose4j.jwk.RsaJsonWebKey类的典型用法代码示例。如果您正苦于以下问题:Java RsaJsonWebKey类的具体用法?Java RsaJsonWebKey怎么用?Java RsaJsonWebKey使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
RsaJsonWebKey类属于org.jose4j.jwk包,在下文中一共展示了RsaJsonWebKey类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generate
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Creates the JSON web keystore file after construction if it does not exist yet.
 *
 * <p>When the file resolved from {@code oidcProperties.getJwksFile()} is missing, a new
 * 2048-bit RSA key is generated, wrapped in a {@link JsonWebKeySet} and written to that
 * file as UTF-8 JSON. An existing file is left untouched. Any exception is rethrown via
 * {@code Throwables.propagate}.
 *
 * <p>Security: the key set is serialized with {@code INCLUDE_PRIVATE}, so the file on disk
 * contains the RSA private key in clear text and must be treated as signing-key material.
 */
@PostConstruct
public void generate() {
    try {
        final File jwksFile = oidcProperties.getJwksFile().getFile();
        if (jwksFile.exists()) {
            LOGGER.debug("Located JSON web keystore at [{}]", jwksFile);
            return;
        }

        // NOTE(review): the existence check above and the write below are separate steps;
        // presumably only one instance initializes a given path at a time -- verify.
        final RsaJsonWebKey generatedKey = RsaJwkGenerator.generateJwk(2048);
        final JsonWebKeySet keySet = new JsonWebKeySet(generatedKey);

        // INCLUDE_PRIVATE emits the private RSA parameters alongside the public ones.
        // NOTE(review): nothing in this method restricts who can read the resulting file;
        // confirm the deployment limits access to this path to the service account.
        final String serialized = keySet.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
        FileUtils.write(jwksFile, serialized, StandardCharsets.UTF_8);
        LOGGER.debug("Generated JSON web keystore at [{}]", jwksFile);
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
示例2: createSignedTokenFromClaims
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Builds a compact JWS over the given claims, signed with RS256 (RSA with SHA-256).
 *
 * <p>No {@code kid} header is set by this method.
 *
 * @param claims claims whose JSON form becomes the JWS payload
 * @param rsaJsonWebKey RSA JWK whose private key signs the token
 * @return the compact serialization of the signed token
 * @throws JoseException if the compact serialization cannot be produced
 */
private String createSignedTokenFromClaims(JwtClaims claims, RsaJsonWebKey rsaJsonWebKey) throws JoseException {
    // The JWT here is a plain JWS: the claims JSON is the payload that gets signed.
    JsonWebSignature signedToken = new JsonWebSignature();
    signedToken.setPayload(claims.toJson());

    // Signing uses the private half of the JWK; verifiers only need the public half.
    signedToken.setKey(rsaJsonWebKey.getPrivateKey());

    // The alg header names the integrity protection applied to the claims (RS256).
    signedToken.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);

    return signedToken.getCompactSerialization();
}
示例3: createUnsupportedSignedTokenFromClaims
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Builds a compact JWS over the given claims, signed with RS384 (RSA with SHA-384).
 *
 * <p>The method name suggests the verifier under test does not accept RS384; that
 * verifier is not shown here, so treat this as an assumption to confirm.
 *
 * @param claims claims whose JSON form becomes the JWS payload
 * @param rsaJsonWebKey RSA JWK whose private key signs the token
 * @return the compact serialization of the signed token
 * @throws JoseException if the compact serialization cannot be produced
 */
private String createUnsupportedSignedTokenFromClaims(JwtClaims claims, RsaJsonWebKey rsaJsonWebKey) throws JoseException {
    // The JWT here is a plain JWS: the claims JSON is the payload that gets signed.
    JsonWebSignature signedToken = new JsonWebSignature();
    signedToken.setPayload(claims.toJson());

    // Signing uses the private half of the JWK.
    signedToken.setKey(rsaJsonWebKey.getPrivateKey());

    // The only difference from the RS256 variant: the alg header is RS384.
    signedToken.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA384);

    return signedToken.getCompactSerialization();
}
示例4: testMissingNBFCLaim
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Checks that a correctly signed token without an {@code nbf} claim is rejected.
 *
 * <p>The token carries {@code exp} (10 minutes ahead) and {@code iat} (now) but no
 * {@code nbf}. The test passes when verification throws {@link SSOException}.
 *
 * @throws JoseException if preparing the signed test token fails
 * @throws SSOException the expected outcome of verification
 */
@Test(expected=SSOException.class)
public void testMissingNBFCLaim() throws JoseException, SSOException {
    final RsaJsonWebKey signingJwk = this.generateRsaJwk();
    final JwtClaims tokenClaims = this.createMalformedClaims();
    tokenClaims.setExpirationTimeMinutesInTheFuture(10);
    tokenClaims.setIssuedAtToNow();
    // nbf is deliberately left unset: its absence is the condition under test.

    final String signedToken = this.createSignedTokenFromClaims(tokenClaims, signingJwk);

    // NOTE(review): expected=SSOException accepts an SSOException from any cause, so this
    // does not prove the rejection is due to the missing nbf. createMalformedClaims() is
    // not shown; confirm it sets every other claim the verifier requires.
    SSOFacade.create(signingJwk.getRsaPublicKey()).verify(signedToken);
}
示例5: testFutureNBFCLaim
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Checks that a correctly signed token whose {@code nbf} lies one hour in the future
 * is rejected.
 *
 * <p>The token carries {@code exp} (10 minutes ahead), {@code iat} (now) and
 * {@code nbf} (now + 3600 seconds). The test passes when verification throws
 * {@link SSOException}.
 *
 * @throws JoseException if preparing the signed test token fails
 * @throws SSOException the expected outcome of verification
 */
@Test(expected=SSOException.class)
public void testFutureNBFCLaim() throws JoseException, SSOException {
    final RsaJsonWebKey signingJwk = this.generateRsaJwk();
    final JwtClaims tokenClaims = this.createMalformedClaims();

    // Not-before is pushed one hour ahead, so the token is not yet valid when verified.
    final NumericDate notBefore = NumericDate.now();
    notBefore.addSeconds(3600);

    tokenClaims.setExpirationTimeMinutesInTheFuture(10);
    tokenClaims.setIssuedAtToNow();
    tokenClaims.setNotBefore(notBefore);

    final String signedToken = this.createSignedTokenFromClaims(tokenClaims, signingJwk);

    // NOTE(review): expected=SSOException accepts an SSOException from any cause; the
    // test does not pin the rejection to the nbf check specifically.
    SSOFacade.create(signingJwk.getRsaPublicKey()).verify(signedToken);
}
示例6: testMissingIATCLaim
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Checks that a correctly signed token without an {@code iat} claim is rejected.
 *
 * <p>The token carries {@code exp} (10 minutes ahead) and {@code nbf} (2 minutes ago)
 * but no {@code iat}. The test passes when verification throws {@link SSOException}.
 *
 * @throws JoseException if preparing the signed test token fails
 * @throws SSOException the expected outcome of verification
 */
@Test(expected=SSOException.class)
public void testMissingIATCLaim() throws JoseException, SSOException {
    final RsaJsonWebKey signingJwk = this.generateRsaJwk();
    final JwtClaims tokenClaims = this.createMalformedClaims();
    tokenClaims.setExpirationTimeMinutesInTheFuture(10);
    // iat is deliberately left unset: its absence is the condition under test.
    tokenClaims.setNotBeforeMinutesInThePast(2);

    final String signedToken = this.createSignedTokenFromClaims(tokenClaims, signingJwk);

    // NOTE(review): expected=SSOException accepts an SSOException from any cause; the
    // test does not pin the rejection to the missing iat specifically.
    SSOFacade.create(signingJwk.getRsaPublicKey()).verify(signedToken);
}
示例7: testMissingEXPCLaim
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Checks that a correctly signed token without an {@code exp} claim is rejected.
 *
 * <p>The token carries {@code iat} (now) and {@code nbf} (2 minutes ago) but no
 * {@code exp}, i.e. it would never expire. The test passes when verification throws
 * {@link SSOException}.
 *
 * @throws JoseException if preparing the signed test token fails
 * @throws SSOException the expected outcome of verification
 */
@Test(expected=SSOException.class)
public void testMissingEXPCLaim() throws JoseException, SSOException {
    final RsaJsonWebKey signingJwk = this.generateRsaJwk();
    final JwtClaims tokenClaims = this.createMalformedClaims();
    // exp is deliberately left unset: its absence is the condition under test.
    tokenClaims.setIssuedAtToNow();
    tokenClaims.setNotBeforeMinutesInThePast(2);

    final String signedToken = this.createSignedTokenFromClaims(tokenClaims, signingJwk);

    // NOTE(review): expected=SSOException accepts an SSOException from any cause; the
    // test does not pin the rejection to the missing exp specifically.
    SSOFacade.create(signingJwk.getRsaPublicKey()).verify(signedToken);
}
示例8: testPastEXPCLaim
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Checks that a correctly signed token that expired one hour ago is rejected.
 *
 * <p>The token carries {@code exp} (now - 3600 seconds), {@code iat} (now) and
 * {@code nbf} (2 minutes ago). The test passes when verification throws
 * {@link SSOException}.
 *
 * @throws JoseException if preparing the signed test token fails
 * @throws SSOException the expected outcome of verification
 */
@Test(expected=SSOException.class)
public void testPastEXPCLaim() throws JoseException, SSOException {
    final RsaJsonWebKey signingJwk = this.generateRsaJwk();
    final JwtClaims tokenClaims = this.createMalformedClaims();

    // Expiry is moved one hour into the past, so the token is already expired.
    final NumericDate expiredAt = NumericDate.now();
    expiredAt.addSeconds(-3600);

    tokenClaims.setExpirationTime(expiredAt);
    tokenClaims.setIssuedAtToNow();
    tokenClaims.setNotBeforeMinutesInThePast(2);

    final String signedToken = this.createSignedTokenFromClaims(tokenClaims, signingJwk);

    // NOTE(review): expected=SSOException accepts an SSOException from any cause; the
    // test does not pin the rejection to the expiry check specifically.
    SSOFacade.create(signingJwk.getRsaPublicKey()).verify(signedToken);
}
示例9: getJsonSigningWebKeyFromJwks
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
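/**
 * Returns the first key of the given key set if it is an RSA key that has a public key.
 *
 * <p>Only the key at index 0 is considered; any further keys in the set are ignored.
 * A missing {@code alg} or {@code kid} is logged as a warning but does not reject the key.
 *
 * @param jwks key set to read the key from
 * @return the first key, or {@code null} when the set is empty, the first key is not an
 *         RSA key, or it has no public key
 */
private static RsaJsonWebKey getJsonSigningWebKeyFromJwks(final JsonWebKeySet jwks) {
    if (jwks.getJsonWebKeys().isEmpty()) {
        LOGGER.warn("No JSON web keys are available in the keystore");
        return null;
    }

    // A key set may hold non-RSA keys; check the type before casting so such a set is
    // reported and rejected like the other unusable cases instead of raising a
    // ClassCastException.
    final Object first = jwks.getJsonWebKeys().get(0);
    if (!(first instanceof RsaJsonWebKey)) {
        LOGGER.warn("First JSON web key in the keystore is not an RSA key");
        return null;
    }
    final RsaJsonWebKey key = (RsaJsonWebKey) first;

    // NOTE(review): the key object itself is logged below; confirm that its toString()
    // in the jose4j version in use emits public parameters only.
    if (StringUtils.isBlank(key.getAlgorithm())) {
        LOGGER.warn("Located JSON web key [{}] has no algorithm defined", key);
    }
    if (StringUtils.isBlank(key.getKeyId())) {
        LOGGER.warn("Located JSON web key [{}] has no key id defined", key);
    }
    if (key.getPublicKey() == null) {
        LOGGER.warn("Located JSON web key [{}] has no public key", key);
        return null;
    }
    return key;
}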
示例10: getJsonSigningWebKeyFromJwks
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
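/**
 * Returns the first key of the given key set if it is an RSA key that has a private key.
 *
 * <p>Only the key at index 0 is considered; any further keys in the set are ignored.
 * A missing {@code alg} or {@code kid} is logged as a warning but does not reject the key.
 *
 * @param jwks key set to read the key from
 * @return the first key, or {@code null} when the set is empty, the first key is not an
 *         RSA key, or it has no private key
 */
private static RsaJsonWebKey getJsonSigningWebKeyFromJwks(final JsonWebKeySet jwks) {
    if (jwks.getJsonWebKeys().isEmpty()) {
        LOGGER.warn("No JSON web keys are available in the keystore");
        return null;
    }

    // A key set may hold non-RSA keys; check the type before casting so such a set is
    // reported and rejected like the other unusable cases instead of raising a
    // ClassCastException.
    final Object first = jwks.getJsonWebKeys().get(0);
    if (!(first instanceof RsaJsonWebKey)) {
        LOGGER.warn("First JSON web key in the keystore is not an RSA key");
        return null;
    }
    final RsaJsonWebKey key = (RsaJsonWebKey) first;

    // NOTE(review): this key carries private material and the key object is logged
    // below; confirm that its toString() in the jose4j version in use emits public
    // parameters only.
    if (StringUtils.isBlank(key.getAlgorithm())) {
        LOGGER.warn("Located JSON web key [{}] has no algorithm defined", key);
    }
    if (StringUtils.isBlank(key.getKeyId())) {
        LOGGER.warn("Located JSON web key [{}] has no key id defined", key);
    }
    if (key.getPrivateKey() == null) {
        LOGGER.warn("Located JSON web key [{}] has no private key", key);
        return null;
    }
    return key;
}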
示例11: encryptIdToken
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
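/**
 * Wraps an already signed id token in a JWE encrypted to the service's RSA public key.
 *
 * <p>The key-management algorithm and content-encryption method are taken from the
 * service registration; the key comes from {@code serviceJsonWebKeystoreCache}.
 *
 * @param svc registered service the id token is issued for
 * @param jws signature object of the inner token; only its key id header is read here
 * @param innerJwt the signed token that becomes the JWE payload
 * @return the compact serialization of the JWE
 * @throws IllegalArgumentException if no key is cached for the service or the key has
 *         no public key
 * @throws Exception if the cache lookup or the JWE serialization fails
 */
private String encryptIdToken(final OidcRegisteredService svc, final JsonWebSignature jws, final String innerJwt) throws Exception {
    LOGGER.debug("Service [{}] is set to encrypt id tokens", svc);
    final JsonWebEncryption jwe = new JsonWebEncryption();
    // NOTE(review): alg and enc come straight from the service registration and are not
    // constrained here; confirm the registry rejects weak choices (e.g. RSA1_5).
    jwe.setAlgorithmHeaderValue(svc.getIdTokenEncryptionAlg());
    jwe.setEncryptionMethodHeaderParameter(svc.getIdTokenEncryptionEncoding());

    final Optional<RsaJsonWebKey> jwks = this.serviceJsonWebKeystoreCache.get(svc);
    if (!jwks.isPresent()) {
        throw new IllegalArgumentException("Service " + svc.getServiceId()
            + " with client id " + svc.getClientId()
            + " is configured to encrypt id tokens, yet no JSON web key is available");
    }
    final RsaJsonWebKey jsonWebKey = jwks.get();
    LOGGER.debug("Found JSON web key to encrypt the id token: [{}]", jsonWebKey);
    if (jsonWebKey.getPublicKey() == null) {
        // This key encrypts the token; the message previously said "sign", which pointed
        // operators at the wrong key when diagnosing the failure.
        throw new IllegalArgumentException("JSON web key used to encrypt the id token has no associated public key");
    }
    jwe.setKey(jsonWebKey.getPublicKey());
    // NOTE(review): the JWE kid is copied from the signing JWS rather than taken from the
    // encryption key (jsonWebKey.getKeyId()); a recipient that selects its decryption key
    // by kid would not find a match. Confirm this is intended.
    jwe.setKeyIdHeaderValue(jws.getKeyIdHeaderValue());
    // cty=JWT marks the payload as a nested JWT.
    jwe.setContentTypeHeaderValue("JWT");
    jwe.setPayload(innerJwt);
    return jwe.getCompactSerialization();
}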
示例12: prepareJsonWebSignatureForIdTokenSigning
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Configures the given JWS for signing an id token: signing key, algorithm
 * constraints, {@code kid} header and {@code alg} header.
 *
 * @param svc registered service the id token is issued for (used for logging only)
 * @param jws signature object to configure
 * @param jsonWebKey RSA JWK providing the private signing key and, if set, the key id
 */
private void prepareJsonWebSignatureForIdTokenSigning(final OidcRegisteredService svc,
                                                      final JsonWebSignature jws,
                                                      final RsaJsonWebKey jsonWebKey) {
    LOGGER.debug("Service [{}] is set to sign id tokens", svc);
    jws.setKey(jsonWebKey.getPrivateKey());
    // Refuse the unsecured "none" algorithm on this JWS.
    jws.setAlgorithmConstraints(AlgorithmConstraints.DISALLOW_NONE);

    // NOTE(review): when the key has no kid, a fresh random UUID is used on every call,
    // so the header will not match any kid published for this key; verifiers that pick
    // keys by kid cannot resolve it. Confirm this fallback is acceptable.
    final String configuredKeyId = jsonWebKey.getKeyId();
    final String keyIdHeader = StringUtils.isBlank(configuredKeyId)
        ? UUID.randomUUID().toString()
        : configuredKeyId;
    jws.setKeyIdHeaderValue(keyIdHeader);
    LOGGER.debug("Signing id token with key id header value [{}]", jws.getKeyIdHeaderValue());

    jws.setAlgorithmHeaderValue(getJsonWebKeySigningAlgorithm());
    LOGGER.debug("Signing id token with algorithm [{}]", jws.getAlgorithmHeaderValue());
}
示例13: buildJwks
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Fills empty slots of the JWK cache with newly built RSA keys.
 *
 * <p>Scheduled with a fixed delay of 60000 ms. Each run inspects cache keys
 * {@code "0"} to {@code MAX_NUMBER_OF_KEYS - 1} and creates at most
 * {@value #MIN_NUMBER_OF_KEYS} new keys.
 */
@Scheduled(fixedDelay = 60000)
public void buildJwks() {
    int created = 0;
    for (int slot = 0; slot < MAX_NUMBER_OF_KEYS; ++slot) {
        final String cacheKey = Integer.toString(slot);
        final JsonWebKey existing = jwksCache.get(cacheKey, JsonWebKey.class);
        // Skip occupied slots, and stop creating once this run's quota is used up.
        if (existing != null || created >= MIN_NUMBER_OF_KEYS) {
            continue;
        }

        final RsaJsonWebKey newJwk = buildNewRsaKey();
        // NOTE(review): if putIfAbsent finds the slot already filled (e.g. by another
        // writer), newJwk is discarded but is still counted and logged as created.
        jwksCache.putIfAbsent(cacheKey, newJwk);
        ++created;
        LOG.debug("Created new JWK kid={}", newJwk.getKeyId());
    }
}
示例14: sign
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>This implementation signs the claims as a JWS using a signing key obtained from
 * {@code cachedDataProvider}; the {@code kid} and {@code alg} headers are taken from
 * that key. A {@link JoseException} is rethrown as {@code InternalServerErrorException}.
 */
@Override
public String sign(final JwtClaims claims) {
    try {
        final RsaJsonWebKey signingKey = cachedDataProvider.getASigningKey();
        final JsonWebSignature signature = new JsonWebSignature();
        signature.setPayload(claims.toJson());
        signature.setKeyIdHeaderValue(signingKey.getKeyId());
        signature.setKey(signingKey.getPrivateKey());
        // NOTE(review): alg is whatever the cached key declares; a key without an "alg"
        // value presumably makes signing fail below -- verify keys are built with one.
        signature.setAlgorithmHeaderValue(signingKey.getAlgorithm());
        signature.sign();
        return signature.getCompactSerialization();
    } catch (final JoseException e) {
        throw new InternalServerErrorException(e);
    }
}
示例15: generateAuthToken
import org.jose4j.jwk.RsaJsonWebKey; //导入依赖的package包/类
/**
 * Generates an auth token with the given claims by delegating to the overload that
 * takes explicit timestamps; the token is signed with the private key in the provided
 * {@link RsaJsonWebKey}.
 *
 * <p>The expiration time passed on is 150 seconds ({@code 5 * 30}) after the current
 * time; the second timestamp passed on is the current time.
 */
public static String generateAuthToken(
    Optional<Collection<String>> audiences,
    Optional<String> email,
    Optional<String> issuer,
    Optional<String> subject,
    RsaJsonWebKey rsaJsonWebKey) {
  // NOTE(review): 5 * 30 is 150 seconds, not 5 minutes (which would be 5 * 60);
  // confirm the intended token lifetime.
  NumericDate expiresAt = NumericDate.now();
  expiresAt.addSeconds(5 * 30);

  NumericDate currentTime = NumericDate.now();
  return generateAuthToken(
      audiences, email, expiresAt, issuer, currentTime, subject, rsaJsonWebKey);
}