本文整理汇总了Java中org.jose4j.jwt.JwtClaims类的典型用法代码示例。如果您正苦于以下问题:Java JwtClaims类的具体用法?Java JwtClaims怎么用?Java JwtClaims使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
JwtClaims类属于org.jose4j.jwt包,在下文中一共展示了JwtClaims类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: newerWorkaroundOnConsumerBuilder
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
@Test
public void newerWorkaroundOnConsumerBuilder() throws Exception
{
JsonWebKeySet jwks = new JsonWebKeySet(JWKS_JSON);
JwksVerificationKeyResolver verificationKeyResolver = new JwksVerificationKeyResolver(jwks.getJsonWebKeys());
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRelaxVerificationKeyValidation() // **THIS** is what will tell the underlying JWS to not check the key too much and allow the 1024
.setRequireExpirationTime()
.setEvaluationTime(EVALUATION_TIME)
.setRequireSubject() // the JWT must have a subject claim
.setExpectedIssuer(ISSUER)
.setExpectedAudience(CLIENT_ID) // to whom the JWT is intended for
.setVerificationKeyResolver(verificationKeyResolver) // pretend to use Google's jwks endpoint to find the key for signature checks
.build(); // create the JwtConsumer instance
JwtClaims claims = jwtConsumer.processToClaims(ID_TOKEN);
assertThat(SUBJECT_VALUE, equalTo(claims.getSubject()));
}
示例2: generateJWTAssertion
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
public static String generateJWTAssertion(String email, String privateKeyBase64,
float expiryInSeconds) {
PrivateKey privateKey = getPrivateKey(privateKeyBase64);
final JwtClaims claims = new JwtClaims();
claims.setSubject(email);
claims.setAudience("https://api.metamind.io/v1/oauth2/token");
claims.setExpirationTimeMinutesInTheFuture(expiryInSeconds / 60);
claims.setIssuedAtToNow();
// Generate the payload
final JsonWebSignature jws = new JsonWebSignature();
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
jws.setPayload(claims.toJson());
jws.setKeyIdHeaderValue(UUID.randomUUID().toString());
// Sign using the private key
jws.setKey(privateKey);
try {
return jws.getCompactSerialization();
} catch (JoseException e) {
return null;
}
}
示例3: SSOData
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**********************************************
* Constructors
**********************************************/
public SSOData(final JwtClaims jwtClaims) throws MalformedClaimException {
Objects.requireNonNull(jwtClaims);
this.instanceID = jwtClaims.getClaimValue(KEY_INSTANCE_ID, String.class);
this.userID = jwtClaims.getClaimValue(KEY_USER_ID, String.class);
this.userExternalID = jwtClaims.getClaimValue(KEY_USER_EXTERNAL_ID, String.class);
this.userFirstName = jwtClaims.getClaimValue(KEY_USER_FIRST_NAME, String.class);
this.userLastName = jwtClaims.getClaimValue(KEY_USER_LAST_NAME, String.class);
this.userRole = jwtClaims.getClaimValue(KEY_USER_ROLE, String.class);
this.userLocale = jwtClaims.getClaimValue(KEY_USER_LOCALE, String.class);
this.issuer = jwtClaims.getClaimValue(KEY_ISSUER, String.class);
this.audience = jwtClaims.getClaimValue(KEY_AUDIENCE, String.class);
this.instanceName = jwtClaims.getClaimValue(KEY_INSTANCE_NAME, String.class);
this.userFullName = jwtClaims.getClaimValue(KEY_USER_FULL_NAME, String.class);
this.entityType = jwtClaims.getClaimValue(KEY_ENTITY_TYPE, String.class);
this.themeTextColor = jwtClaims.getClaimValue(KEY_THEME_TEXT_COLOR, String.class);
this.themeBackgroundColor = jwtClaims.getClaimValue(KEY_THEME_BACKGROUND_COLOR, String.class);
this.tags = jwtClaims.getClaimValue(KEY_TAGS, List.class);
}
示例4: createDefaultClaims
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Create a JwtClaims object with prefilled sane defaults.
* @return JwtClaims
*/
private JwtClaims createDefaultClaims() {
JwtClaims claims = new JwtClaims();
claims.setIssuer(SSODataTest.DATA_ISSUER); // who creates the token and signs it
claims.setAudience(SSODataTest.DATA_AUDIENCE); // to whom the token is intended to be sent
claims.setExpirationTimeMinutesInTheFuture(10); // time when the token will expire (10 minutes from now)
claims.setGeneratedJwtId(); // a unique identifier for the token
claims.setIssuedAtToNow(); // when the token was issued/created (now)
claims.setNotBeforeMinutesInThePast(2); // time before which the token is not yet valid (2 minutes ago)
claims.setSubject(SSODataTest.DATA_USER_ID); // the subject/principal is whom the token is about
claims.setClaim(SSOData.KEY_INSTANCE_ID, SSODataTest.DATA_INSTANCE_ID); // additional claims/attributes about the subject can be added
return claims;
}
示例5: createSignedTokenFromClaims
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Create a RSA256 signed token from given claims and RSA jwk.
*
* @param JwtClaims claims
* @param RsaJsonWebKey rsaJsonWebKey
* @return String
* @throws JoseException
*/
private String createSignedTokenFromClaims(JwtClaims claims, RsaJsonWebKey rsaJsonWebKey) throws JoseException {
// A JWT is a JWS and/or a JWE with JSON claims as the payload.
// In this example it is a JWS so we create a JsonWebSignature object.
JsonWebSignature jws = new JsonWebSignature();
// The payload of the JWS is JSON content of the JWT Claims
jws.setPayload(claims.toJson());
// The JWT is signed using the private key
jws.setKey(rsaJsonWebKey.getPrivateKey());
// Set the signature algorithm on the JWT/JWS that will integrity protect the claims
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
return jws.getCompactSerialization();
}
示例6: createUnsupportedSignedTokenFromClaims
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Create a RSA384 signed token from given claims and RSA jwk.
*
* @param JwtClaims claims
* @param RsaJsonWebKey rsaJsonWebKey
* @return String
* @throws JoseException
*/
private String createUnsupportedSignedTokenFromClaims(JwtClaims claims, RsaJsonWebKey rsaJsonWebKey) throws JoseException {
// A JWT is a JWS and/or a JWE with JSON claims as the payload.
// In this example it is a JWS so we create a JsonWebSignature object.
JsonWebSignature jws = new JsonWebSignature();
// The payload of the JWS is JSON content of the JWT Claims
jws.setPayload(claims.toJson());
// The JWT is signed using the private key
jws.setKey(rsaJsonWebKey.getPrivateKey());
// Set the signature algorithm on the JWT/JWS that will integrity protect the claims
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA384);
return jws.getCompactSerialization();
}
示例7: testMissingNBFCLaim
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Test proper signed token missing mandatory nbf claim.
* @throws JoseException
*/
@Test(expected=SSOException.class)
public void testMissingNBFCLaim() throws JoseException, SSOException {
RsaJsonWebKey jwk = this.generateRsaJwk();
JwtClaims claims = this.createMalformedClaims();
claims.setExpirationTimeMinutesInTheFuture(10);
claims.setIssuedAtToNow();
//claims.setNotBeforeMinutesInThePast(2);
String jwt = this.createSignedTokenFromClaims(claims, jwk);
final SSOFacade ssoFac = SSOFacade.create(jwk.getRsaPublicKey());
ssoFac.verify(jwt);
}
示例8: testFutureNBFCLaim
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Test proper signed token valid in an hour.
* @throws JoseException
*/
@Test(expected=SSOException.class)
public void testFutureNBFCLaim() throws JoseException, SSOException {
RsaJsonWebKey jwk = this.generateRsaJwk();
JwtClaims claims = this.createMalformedClaims();
NumericDate nbf = NumericDate.now();
nbf.addSeconds(3600);
claims.setExpirationTimeMinutesInTheFuture(10);
claims.setIssuedAtToNow();
claims.setNotBefore(nbf);
String jwt = this.createSignedTokenFromClaims(claims, jwk);
final SSOFacade ssoFac = SSOFacade.create(jwk.getRsaPublicKey());
ssoFac.verify(jwt);
}
示例9: testMissingIATCLaim
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Test proper signed token missing mandatory iat claim.
* @throws JoseException
*/
@Test(expected=SSOException.class)
public void testMissingIATCLaim() throws JoseException, SSOException {
RsaJsonWebKey jwk = this.generateRsaJwk();
JwtClaims claims = this.createMalformedClaims();
claims.setExpirationTimeMinutesInTheFuture(10);
//claims.setIssuedAtToNow();
claims.setNotBeforeMinutesInThePast(2);
String jwt = this.createSignedTokenFromClaims(claims, jwk);
final SSOFacade ssoFac = SSOFacade.create(jwk.getRsaPublicKey());
ssoFac.verify(jwt);
}
示例10: testMissingEXPCLaim
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Test proper signed token missing mandatory exp claim.
* @throws JoseException
*/
@Test(expected=SSOException.class)
public void testMissingEXPCLaim() throws JoseException, SSOException {
RsaJsonWebKey jwk = this.generateRsaJwk();
JwtClaims claims = this.createMalformedClaims();
//claims.setExpirationTimeMinutesInTheFuture(10);
claims.setIssuedAtToNow();
claims.setNotBeforeMinutesInThePast(2);
String jwt = this.createSignedTokenFromClaims(claims, jwk);
final SSOFacade ssoFac = SSOFacade.create(jwk.getRsaPublicKey());
ssoFac.verify(jwt);
}
示例11: testPastEXPCLaim
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Test proper signed token already expired.
* @throws JoseException
*/
@Test(expected=SSOException.class)
public void testPastEXPCLaim() throws JoseException, SSOException {
RsaJsonWebKey jwk = this.generateRsaJwk();
JwtClaims claims = this.createMalformedClaims();
NumericDate exp = NumericDate.now();
exp.addSeconds(-3600);
claims.setExpirationTime(exp);
claims.setIssuedAtToNow();
claims.setNotBeforeMinutesInThePast(2);
String jwt = this.createSignedTokenFromClaims(claims, jwk);
final SSOFacade ssoFac = SSOFacade.create(jwk.getRsaPublicKey());
ssoFac.verify(jwt);
}
示例12: getJwtClaims
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
private JwtClaims getJwtClaims(String token) {
HttpsJwks httpsJkws = new HttpsJwks(jwksBaseURL);
HttpsJwksVerificationKeyResolver httpsJwksKeyResolver = new HttpsJwksVerificationKeyResolver(httpsJkws);
JwtConsumer jwtConsumer = new JwtConsumerBuilder().setRequireExpirationTime().setAllowedClockSkewInSeconds(3600)
.setExpectedIssuer(jwksIssuer)
// whom the JWT needs to have been issued by
.setExpectedAudience(jwksAudience).setVerificationKeyResolver(httpsJwksKeyResolver).build();
try {
// Validate the JWT and process it to the Claims
JwtClaims jwtClaims = jwtConsumer.processToClaims(token);
return jwtClaims;
} catch (InvalidJwtException e) {
// Anyway here throws the exception , so no need to log the error.
// log the error if required from where this function invokes
// logger.error("Invalid JWT! " + e);
throw new AuthenticationServiceException("Invalid Token");
}
}
示例13: encode
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Sign id token claim string.
*
* @param svc the service
* @param claims the claims
* @return the string
* @throws JoseException the jose exception
*/
public String encode(final OidcRegisteredService svc, final JwtClaims claims) throws JoseException {
try {
LOGGER.debug("Attempting to produce id token generated for service [{}]", svc);
final JsonWebSignature jws = new JsonWebSignature();
final String jsonClaims = claims.toJson();
jws.setPayload(jsonClaims);
LOGGER.debug("Generated claims to put into id token are [{}]", jsonClaims);
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.NONE);
jws.setAlgorithmConstraints(AlgorithmConstraints.NO_CONSTRAINTS);
String innerJwt = svc.isSignIdToken() ? signIdToken(svc, jws) : jws.getCompactSerialization();
if (svc.isEncryptIdToken() && StringUtils.isNotBlank(svc.getIdTokenEncryptionAlg())
&& StringUtils.isNotBlank(svc.getIdTokenEncryptionEncoding())) {
innerJwt = encryptIdToken(svc, jws, innerJwt);
}
return innerJwt;
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
throw Throwables.propagate(e);
}
}
示例14: generate
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
/**
* Generate string.
*
* @param request the request
* @param response the response
* @param accessTokenId the access token id
* @param timeout the timeout
* @param responseType the response type
* @param registeredService the registered service
* @return the string
* @throws Exception the exception
*/
public String generate(final HttpServletRequest request,
final HttpServletResponse response,
final AccessToken accessTokenId,
final long timeout,
final OAuth20ResponseTypes responseType,
final OAuthRegisteredService registeredService) throws Exception {
final OidcRegisteredService oidcRegisteredService = (OidcRegisteredService) registeredService;
final J2EContext context = WebUtils.getPac4jJ2EContext(request, response);
final ProfileManager manager = WebUtils.getPac4jProfileManager(request, response);
final Optional<UserProfile> profile = manager.get(true);
LOGGER.debug("Attempting to produce claims for the id token [{}]", accessTokenId);
final JwtClaims claims = produceIdTokenClaims(request, accessTokenId, timeout,
oidcRegisteredService, profile.get(), context, responseType);
LOGGER.debug("Produce claims for the id token [{}] as [{}]", accessTokenId, claims);
return this.signingService.encode(oidcRegisteredService, claims);
}
示例15: createToken
import org.jose4j.jwt.JwtClaims; //导入依赖的package包/类
@Override
public String createToken(final String to) {
try {
final String token = UUID.randomUUID().toString();
final JwtClaims claims = new JwtClaims();
claims.setJwtId(token);
claims.setIssuer(issuer);
claims.setAudience(issuer);
claims.setExpirationTimeMinutesInTheFuture(passwordManagementProperties.getReset().getExpirationMinutes());
claims.setIssuedAtToNow();
final ClientInfo holder = ClientInfoHolder.getClientInfo();
claims.setStringClaim("origin", holder.getServerIpAddress());
claims.setStringClaim("client", holder.getClientIpAddress());
claims.setSubject(to);
final String json = claims.toJson();
return this.cipherExecutor.encode(json);
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return null;
}