本文整理汇总了Java中org.jose4j.jws.AlgorithmIdentifiers类的典型用法代码示例。如果您正苦于以下问题:Java AlgorithmIdentifiers类的具体用法?Java AlgorithmIdentifiers怎么用?Java AlgorithmIdentifiers使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AlgorithmIdentifiers类属于org.jose4j.jws包,在下文中一共展示了AlgorithmIdentifiers类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: initialize
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
/**
* Initialize this component by building up the consumer for JWT using the
* pre-configured secret
*
* @param rsaPublicKey the RSA public key to be used for verification.
*
* @return Fluent interface.
*/
SSOFacade initialize(final RSAPublicKey rsaPublicKey) {
if (logger.isDebugEnabled()) {
logger.debug("Initializing single-sign-on manager SSOFacade. ");
}
Objects.requireNonNull(rsaPublicKey);
// Build up the algorithm constraints by only accepting RSA_USING_SHA256.
final AlgorithmConstraints algorithmConstraints = new AlgorithmConstraints(
AlgorithmConstraints.ConstraintType.WHITELIST, AlgorithmIdentifiers.RSA_USING_SHA256);
this.jwtConsumer = new JwtConsumerBuilder()
.setJwsAlgorithmConstraints(algorithmConstraints)
.setSkipDefaultAudienceValidation()
.setVerificationKey(rsaPublicKey)
.setRequireExpirationTime()
.setRequireNotBefore()
.setRequireIssuedAt()
.build();
return this;
}
示例2: generateJWTAssertion
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
public static String generateJWTAssertion(String email, String privateKeyBase64,
float expiryInSeconds) {
PrivateKey privateKey = getPrivateKey(privateKeyBase64);
final JwtClaims claims = new JwtClaims();
claims.setSubject(email);
claims.setAudience("https://api.metamind.io/v1/oauth2/token");
claims.setExpirationTimeMinutesInTheFuture(expiryInSeconds / 60);
claims.setIssuedAtToNow();
// Generate the payload
final JsonWebSignature jws = new JsonWebSignature();
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
jws.setPayload(claims.toJson());
jws.setKeyIdHeaderValue(UUID.randomUUID().toString());
// Sign using the private key
jws.setKey(privateKey);
try {
return jws.getCompactSerialization();
} catch (JoseException e) {
return null;
}
}
示例3: createSignedTokenFromClaims
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
/**
* Create a RSA256 signed token from given claims and RSA jwk.
*
* @param JwtClaims claims
* @param RsaJsonWebKey rsaJsonWebKey
* @return String
* @throws JoseException
*/
private String createSignedTokenFromClaims(JwtClaims claims, RsaJsonWebKey rsaJsonWebKey) throws JoseException {
// A JWT is a JWS and/or a JWE with JSON claims as the payload.
// In this example it is a JWS so we create a JsonWebSignature object.
JsonWebSignature jws = new JsonWebSignature();
// The payload of the JWS is JSON content of the JWT Claims
jws.setPayload(claims.toJson());
// The JWT is signed using the private key
jws.setKey(rsaJsonWebKey.getPrivateKey());
// Set the signature algorithm on the JWT/JWS that will integrity protect the claims
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
return jws.getCompactSerialization();
}
示例4: createUnsupportedSignedTokenFromClaims
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
/**
* Create a RSA384 signed token from given claims and RSA jwk.
*
* @param JwtClaims claims
* @param RsaJsonWebKey rsaJsonWebKey
* @return String
* @throws JoseException
*/
private String createUnsupportedSignedTokenFromClaims(JwtClaims claims, RsaJsonWebKey rsaJsonWebKey) throws JoseException {
// A JWT is a JWS and/or a JWE with JSON claims as the payload.
// In this example it is a JWS so we create a JsonWebSignature object.
JsonWebSignature jws = new JsonWebSignature();
// The payload of the JWS is JSON content of the JWT Claims
jws.setPayload(claims.toJson());
// The JWT is signed using the private key
jws.setKey(rsaJsonWebKey.getPrivateKey());
// Set the signature algorithm on the JWT/JWS that will integrity protect the claims
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA384);
return jws.getCompactSerialization();
}
示例5: encode
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
/**
* Sign id token claim string.
*
* @param svc the service
* @param claims the claims
* @return the string
* @throws JoseException the jose exception
*/
public String encode(final OidcRegisteredService svc, final JwtClaims claims) throws JoseException {
try {
LOGGER.debug("Attempting to produce id token generated for service [{}]", svc);
final JsonWebSignature jws = new JsonWebSignature();
final String jsonClaims = claims.toJson();
jws.setPayload(jsonClaims);
LOGGER.debug("Generated claims to put into id token are [{}]", jsonClaims);
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.NONE);
jws.setAlgorithmConstraints(AlgorithmConstraints.NO_CONSTRAINTS);
String innerJwt = svc.isSignIdToken() ? signIdToken(svc, jws) : jws.getCompactSerialization();
if (svc.isEncryptIdToken() && StringUtils.isNotBlank(svc.getIdTokenEncryptionAlg())
&& StringUtils.isNotBlank(svc.getIdTokenEncryptionEncoding())) {
innerJwt = encryptIdToken(svc, jws, innerJwt);
}
return innerJwt;
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
throw Throwables.propagate(e);
}
}
示例6: generateAccessTokenHash
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
private String generateAccessTokenHash(final AccessToken accessTokenId,
final OidcRegisteredService service) {
final byte[] tokenBytes = accessTokenId.getId().getBytes();
final String hashAlg;
switch (signingService.getJsonWebKeySigningAlgorithm()) {
case AlgorithmIdentifiers.RSA_USING_SHA512:
hashAlg = MessageDigestAlgorithms.SHA_512;
break;
case AlgorithmIdentifiers.RSA_USING_SHA256:
default:
hashAlg = MessageDigestAlgorithms.SHA_256;
}
LOGGER.debug("Digesting access token hash via algorithm [{}]", hashAlg);
final byte[] digested = DigestUtils.rawDigest(hashAlg, tokenBytes);
final byte[] hashBytesLeftHalf = Arrays.copyOf(digested, digested.length / 2);
return EncodingUtils.encodeBase64(hashBytesLeftHalf);
}
示例7: newJwsConsumer
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
private JwtConsumer newJwsConsumer(){
// If we don't have a JWK we can't create a consumer to verify anything.
// Why might we not have one? If the remote authentication service was down when Stroom started
// then we wouldn't. It might not be up now but we're going to try and fetch it.
if(jwk == null){
fetchNewPublicKeys();
}
final String expectedIssuer = stroomPropertyService.getPropertyOrThrow("stroom.stats.auth.expectedIssuer");
JwtConsumerBuilder builder = new JwtConsumerBuilder()
.setAllowedClockSkewInSeconds(30) // allow some leeway in validating time based claims to account for clock skew
.setRequireSubject() // the JWT must have a subject claim
.setVerificationKey(this.jwk.getPublicKey()) // verify the signature with the public key
.setRelaxVerificationKeyValidation() // relaxes key length requirement
.setJwsAlgorithmConstraints( // only allow the expected signature algorithm(s) in the given context
new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, // which is only RS256 here
AlgorithmIdentifiers.RSA_USING_SHA256))
.setExpectedIssuer(expectedIssuer);
return builder.build();
}
示例8: generateJwt
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
private static String generateJwt(RsaJsonWebKey jwk, Optional<String> keyId)
throws JoseException {
JwtClaims claims = new JwtClaims();
claims.setIssuer("Issuer");
claims.setAudience("Audience");
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(claims.toJson());
jws.setKey(jwk.getPrivateKey());
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
if (keyId.isPresent()) {
jws.setKeyIdHeaderValue(keyId.get());
}
return jws.getCompactSerialization();
}
示例9: uniqueKidTestFRJwksEndpoint
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void uniqueKidTestFRJwksEndpoint() throws JoseException
{
// JSON content from https://demo.forgerock.com:8443/openam/oauth2/connect/jwk_uri on Jan 8, 2015
String json = "{\"keys\":[{\"kty\":\"RSA\",\"kid\":\"fb301b61-9b8a-4c34-9212-5d6fb9df1a57\",\"use\":\"sig\",\"alg\":\"RS256\",\"n\":\"AK0kHP1O-RgdgLSoWxkuaYoi5Jic6hLKeuKw8WzCfsQ68ntBDf6tVOTn_kZA7Gjf4oJAL1dXLlxIEy-kZWnxT3FF-0MQ4WQYbGBfaW8LTM4uAOLLvYZ8SIVEXmxhJsSlvaiTWCbNFaOfiII8bhFp4551YB07NfpquUGEwOxOmci_\",\"e\":\"AQAB\"}]}";
JsonWebKeySet jwks = new JsonWebKeySet(json);
VerificationJwkSelector verificationJwkSelector = new VerificationJwkSelector();
JsonWebSignature jws = new JsonWebSignature();
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
jws.setKeyIdHeaderValue("fb301b61-9b8a-4c34-9212-5d6fb9df1a57");
List<JsonWebKey> jsonWebKeys = jwks.getJsonWebKeys();
List<JsonWebKey> selected = verificationJwkSelector.selectList(jws, jsonWebKeys);
assertThat(1, equalTo(selected.size()));
assertThat("fb301b61-9b8a-4c34-9212-5d6fb9df1a57", equalTo(selected.get(0).getKeyId()));
}
示例10: uniqueKidTestMiterJwksEndpoint
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void uniqueKidTestMiterJwksEndpoint() throws JoseException
{
// JSON content from https://mitreid.org/jwk on Jan 8, 2015
String json = "{\"keys\":[{\"alg\":\"RS256\",\"e\":\"AQAB\",\"n\":\"23zs5r8PQKpsKeoUd2Bjz3TJkUljWqMD8X98SaIb1LE7dCQzi9jwO58FGL0ieY1Dfnr9-g1iiY8sNzV-byawK98W9yFiopaghfoKtxXgUD8pi0fLPeWmAkntjn28Z_WZvvA265ELbBhphPXEJcFhdzUfgESHVuqFMEqp1pB-CP0\"," +
"\"kty\":\"RSA\",\"kid\":\"rsa1\"}]}";
JsonWebKeySet jwks = new JsonWebKeySet(json);
VerificationJwkSelector verificationJwkSelector = new VerificationJwkSelector();
JsonWebSignature jws = new JsonWebSignature();
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
jws.setKeyIdHeaderValue("rsa1");
List<JsonWebKey> jsonWebKeys = jwks.getJsonWebKeys();
List<JsonWebKey> selected = verificationJwkSelector.selectList(jws, jsonWebKeys);
assertThat(1, equalTo(selected.size()));
assertThat("rsa1", equalTo(selected.get(0).getKeyId()));
}
示例11: uniqueKidTestNriPhpJwksEndpoint
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void uniqueKidTestNriPhpJwksEndpoint() throws JoseException
{
// JSON content from https://connect.openid4.us/connect4us.jwk on Jan 8, 2015
String json = "{\n" +
" \"keys\":[\n" +
" {\n" +
" \"kty\":\"RSA\",\n" +
" \"n\":\"tf_sB4M0sHearRLzz1q1JRgRdRnwk0lz-IcVDFlpp2dtDVyA-ZM8Tu1swp7upaTNykf7cp3Ne_6uW3JiKvRMDdNdvHWCzDHmbmZWGdnFF9Ve-D1cUxj4ETVpUM7AIXWbGs34fUNYl3Xzc4baSyvYbc3h6iz8AIdb_1bQLxJsHBi-ydg3NMJItgQJqBiwCmQYCOnJlekR-Ga2a5XlIx46Wsj3Pz0t0dzM8gVSU9fU3QrKKzDFCoFHTgig1YZNNW5W2H6QwANL5h-nbgre5sWmDmdnfiU6Pj5GOQDmp__rweinph8OAFNF6jVqrRZ3QJEmMnO42naWOsxV2FAUXafksQ\",\n" +
" \"e\":\"AQAB\",\n" +
" \"kid\":\"ABOP-00\"\n" +
" }\n" +
" ]\n" +
"}\n";
JsonWebKeySet jwks = new JsonWebKeySet(json);
VerificationJwkSelector verificationJwkSelector = new VerificationJwkSelector();
JsonWebSignature jws = new JsonWebSignature();
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA384);
jws.setKeyIdHeaderValue("ABOP-00");
List<JsonWebKey> jsonWebKeys = jwks.getJsonWebKeys();
List<JsonWebKey> selected = verificationJwkSelector.selectList(jws, jsonWebKeys);
assertThat(1, equalTo(selected.size()));
assertThat("ABOP-00", equalTo(selected.get(0).getKeyId()));
}
示例12: testNpeWithNonExtractableKeyDataHS256
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void testNpeWithNonExtractableKeyDataHS256() throws Exception
{
byte[] raw = Base64Url.decode("hup76LcA9B7pqrEtqyb4EBg6XCcr9r0iOCFF1FeZiJM");
FakeHsmNonExtractableSecretKeySpec key = new FakeHsmNonExtractableSecretKeySpec(raw, "HmacSHA256");
JwtClaims claims = new JwtClaims();
claims.setExpirationTimeMinutesInTheFuture(5);
claims.setSubject("subject");
claims.setIssuer("issuer");
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(claims.toJson());
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA256);
jws.setKey(key);
String jwt = jws.getCompactSerialization();
JwtConsumerBuilder jwtConsumerBuilder = new JwtConsumerBuilder();
jwtConsumerBuilder.setAllowedClockSkewInSeconds(60);
jwtConsumerBuilder.setRequireSubject();
jwtConsumerBuilder.setExpectedIssuer("issuer");
jwtConsumerBuilder.setVerificationKey(key);
JwtConsumer jwtConsumer = jwtConsumerBuilder.build();
JwtClaims processedClaims = jwtConsumer.processToClaims(jwt);
System.out.println(processedClaims);
}
示例13: Octet_Key_MAC_3_5
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void Octet_Key_MAC_3_5() throws JoseException
{
String jwkJson =
" {\n" +
" \"kty\": \"oct\",\n" +
" \"kid\": \"018c0ae5-4d9b-471b-bfd6-eef314bc7037\",\n" +
" \"use\": \"sig\",\n" +
" \"alg\": \"HS256\",\n" +
" \"k\": \"hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg\"\n" +
" }";
JsonWebKey jwk = JsonWebKey.Factory.newJwk(jwkJson);
assertThat(jwk.getKeyId(), is(equalTo("018c0ae5-4d9b-471b-bfd6-eef314bc7037")));
assertThat(jwk.getUse(), is(equalTo(Use.SIGNATURE)));
assertThat(jwk.getAlgorithm(), is(equalTo(AlgorithmIdentifiers.HMAC_SHA256)));
OctetSequenceJsonWebKey octJwk = (OctetSequenceJsonWebKey) jwk;
byte[] octetSequence = octJwk.getOctetSequence();
assertThat(octetSequence.length, is(equalTo(32)));
jwk = JsonWebKey.Factory.newJwk(jwk.getKey());
String jsonOutput = jwk.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
assertThat(jsonOutput, containsString("\"hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg\""));
}
示例14: testAnEx
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void testAnEx() throws Exception
{
String location = "https://www.example.org/";
Get mockGet = mock(Get.class);
when(mockGet.get(location)).thenThrow(new IOException(location + "says 'no GET for you!'"));
HttpsJwks httpsJkws = new HttpsJwks(location);
httpsJkws.setSimpleHttpGet(mockGet);
HttpsJwksVerificationKeyResolver resolver = new HttpsJwksVerificationKeyResolver(httpsJkws);
JsonWebSignature jws = new JsonWebSignature();
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
jws.setKeyIdHeaderValue("nope");
try
{
Key key = resolver.resolveKey(jws, Collections.<JsonWebStructure>emptyList());
fail("shouldn't have resolved a key but got " + key);
}
catch (UnresolvableKeyException e)
{
log.debug("this was expected and is okay: {}", e.toString());
}
}
示例15: testSign
import org.jose4j.jws.AlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void testSign() throws Exception {
// Base64 string server public/private key
String vapidPublicKey = "BOH8nTQA5iZhl23+NCzGG9prvOZ5BE0MJXBW+GUkQIvRVTVB32JxmX0V1j6z0r7rnT7+bgi6f2g5fMPpAh5brqM=";
String vapidPrivateKey = "TRlY/7yQzvqcLpgHQTxiU5fVzAAvAw/cdSh5kLFLNqg=";
JwtClaims claims = new JwtClaims();
claims.setAudience("https://developer.services.mozilla.com/a476b8ea-c4b8-4359-832a-e2747b6ab88a");
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(claims.toJson());
jws.setKey(Utils.loadPrivateKey(vapidPrivateKey));
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
System.out.println(jws.getCompactSerialization());
}