本文整理汇总了Java中org.jose4j.jwt.consumer.InvalidJwtException类的典型用法代码示例。如果您正苦于以下问题:Java InvalidJwtException类的具体用法?Java InvalidJwtException怎么用?Java InvalidJwtException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
InvalidJwtException类属于org.jose4j.jwt.consumer包,在下文中一共展示了InvalidJwtException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getJwtClaims
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
private JwtClaims getJwtClaims(String token) {
HttpsJwks httpsJkws = new HttpsJwks(jwksBaseURL);
HttpsJwksVerificationKeyResolver httpsJwksKeyResolver = new HttpsJwksVerificationKeyResolver(httpsJkws);
JwtConsumer jwtConsumer = new JwtConsumerBuilder().setRequireExpirationTime().setAllowedClockSkewInSeconds(3600)
.setExpectedIssuer(jwksIssuer)
// whom the JWT needs to have been issued by
.setExpectedAudience(jwksAudience).setVerificationKeyResolver(httpsJwksKeyResolver).build();
try {
// Validate the JWT and process it to the Claims
JwtClaims jwtClaims = jwtConsumer.processToClaims(token);
return jwtClaims;
} catch (InvalidJwtException e) {
// Anyway here throws the exception , so no need to log the error.
// log the error if required from where this function invokes
// logger.error("Invalid JWT! " + e);
throw new AuthenticationServiceException("Invalid Token");
}
}
示例2: toClaimsSet
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
/**
* {@inheritDoc}
*/
@Override
public JwtClaims toClaimsSet(final String jwt,
final String audience,
final HttpsJwks httpsJwks) {
final JwtConsumerBuilder builder = new JwtConsumerBuilder()
.setVerificationKeyResolver(new HttpsJwksVerificationKeyResolver(httpsJwks));
if (audience == null) {
builder.setSkipDefaultAudienceValidation();
} else {
builder.setExpectedAudience(audience);
}
final JwtConsumer jwtConsumer = builder
.build();
try {
return jwtConsumer.processToClaims(jwt);
} catch (final InvalidJwtException e) {
throw new InternalServerErrorException(e);
}
}
示例3: authenticate
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
@Override
@UnitOfWork
public Optional<User> authenticate(String token) throws AuthenticationException {
String username;
try {
username = tokenController.getUsernameFromToken(token);
} catch (InvalidJwtException e) {
throw new AuthenticationException(e);
}
if (StringUtils.isBlank(username)) {
LOG.error("Username is blank.");
return Optional.empty();
} else {
User user = userDAO.findByUserName(username);
return Optional.ofNullable(user);
}
}
示例4: validateJwtToken
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
public static String validateJwtToken( String jwt ) throws InvalidJwtException {
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
// the JWT must have an expiration time
.setRequireExpirationTime()
// but the expiration time can't be too crazy
.setMaxFutureValidityInMinutes( 300 )
// allow some leeway in validating time based claims to account for clock skew
.setAllowedClockSkewInSeconds( 30 )
// whom the JWT needs to have been issued by
.setExpectedIssuer( issuer )
// verify the signature with the public key
.setVerificationKey( rsaJsonWebKey.getKey() )
.build();
// Validate the JWT and process it to the Claims
JwtClaims jwtClaims = jwtConsumer.processToClaims( jwt );
System.out.println( "JWT validation succeeded! " + jwtClaims );
// validate and return the encoded user id
return jwtClaims.getClaimsMap().get("id").toString();
}
示例5: isTokenExpired
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
private static boolean isTokenExpired(String authorization) {
boolean expired = false;
String jwt = getJwtFromAuthorization(authorization);
if(jwt != null) {
JwtConsumer consumer = new JwtConsumerBuilder()
.setDisableRequireSignature()
.setSkipSignatureVerification()
.build();
try {
consumer.processToClaims(jwt);
} catch (InvalidJwtException e) {
if(e.hasExpired()) expired = true;
}
}
return expired;
}
示例6: validateSharedResourceToken
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
public static String validateSharedResourceToken(Key key, String jwt) {
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setVerificationKey(key)
.setRelaxVerificationKeyValidation()
.build();
try {
JwtClaims jwtClaims = jwtConsumer.processToClaims(jwt);
String subject = jwtClaims.getSubject();
try (JsonReader reader = Json.createReader(new StringReader(subject))) {
JsonObject subjectObject = reader.readObject(); // JsonParsingException
return subjectObject.getString(SHARED_ENTITY_UUID); // Npe
}
} catch (InvalidJwtException | MalformedClaimException | JsonParsingException | NullPointerException e) {
LOGGER.log(Level.SEVERE, "Cannot validate jwt token", e);
}
return null;
}
示例7: validateEntityToken
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
public static String validateEntityToken(Key key, String jwt) {
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setVerificationKey(key)
.setRelaxVerificationKeyValidation()
.build();
try {
JwtClaims jwtClaims = jwtConsumer.processToClaims(jwt);
String subject = jwtClaims.getSubject();
try (JsonReader reader = Json.createReader(new StringReader(subject))) {
JsonObject subjectObject = reader.readObject(); // JsonParsingException
return subjectObject.getString(ENTITY_KEY); // Npe
}
} catch (InvalidJwtException | MalformedClaimException | JsonParsingException | NullPointerException e) {
LOGGER.log(Level.SEVERE, "Cannot validate jwt token", e);
}
return null;
}
示例8: authJwt
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
public static String authJwt(Audience audience, String jwt) {
if(DataHelper.isJwtExists(jwt)) {
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireExpirationTime() // the JWT must have an expiration time
.setRequireSubject() // the JWT must have a subject claim
.setExpectedIssuer(RAuthCore.JWT_ISSUER) // whom the JWT needs to have been issued by
.setExpectedAudience(audience.name()) // to whom the JWT is intended for
.setVerificationKey(RAuthCore.RSAKEY.getKey()) // verify the signature with the public key
.build(); // create the JwtConsumer instance
try {
// Validate the JWT and process it to the Claims
JwtClaims payload = jwtConsumer.processToClaims(jwt);
if(RAuthCore.USE_REDIS_EXPIRE && audience.equals(Audience.WEB))
DataHelper.setJwtExp(jwt, RAuthCore.REDIS_WEB_EXP);
return payload.toString();
} catch (InvalidJwtException e) {
// InvalidJwtException will be thrown, if the JWT failed processing or validation in anyway.
// Hopefully with meaningful explanations(s) about what went wrong.
e.printStackTrace();
}
}
return null;
}
示例9: testGetClaimsMap
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
@Test
public void testGetClaimsMap() throws InvalidJwtException, MalformedClaimException
{
String json = "{\"sub\":\"subject\",\"aud\":\"audience\",\"iss\":\"issuer\"," +
"\"jti\":\"mz3uxaCcLmQ2cwAV3oJxEQ\",\"exp\":1418906607," +
"\"email\":\"[email protected]\", \"name\":\"Joe User\", \"someclaim\":\"yup\"}";
JwtClaims jwtClaims = JwtClaims.parse(json);
Map<String, Object> claimsMap = jwtClaims.getClaimsMap(INITIAL_REGISTERED_CLAIM_NAMES);
Assert.assertThat(3, equalTo(claimsMap.size()));
claimsMap = jwtClaims.getClaimsMap();
Assert.assertThat(8, equalTo(claimsMap.size()));
Collection<String> claimNames = jwtClaims.getClaimNames(INITIAL_REGISTERED_CLAIM_NAMES);
Assert.assertThat(3, equalTo(claimNames.size()));
claimNames = jwtClaims.getClaimNames(Collections.singleton(AUDIENCE));
Assert.assertThat(7, equalTo(claimNames.size()));
claimNames = jwtClaims.getClaimNames();
Assert.assertThat(8, equalTo(claimNames.size()));
Assert.assertThat(json, is(equalTo(jwtClaims.getRawJson())));
}
示例10: testNonIntegerNumericDates
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
@Test
public void testNonIntegerNumericDates() throws InvalidJwtException, MalformedClaimException
{
// JWT's NumericDate says that "non-integer values can be represented"
// https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-2
// I always just assumed that it could only be integers (maybe b/c of the former IntDate name )
// but looking at the text again it looks like maybe fractional values has always been possible.
// I'm not sure I see value in truly supporting sub-second accuracy (right now, anyway) but do want to
// ensure that we handle such values reasonably, if we receive them. This test checks that we don't fail
// and just truncate the sub-second part.
JwtClaims jcs = JwtClaims.parse("{\"sub\":\"brian.d.campbell\", \"nbf\":1430602000.173, \"iat\":1430602060.5, \"exp\":1430602600.77}");
Assert.assertThat(NumericDate.fromSeconds(1430602600), equalTo(jcs.getExpirationTime()));
Assert.assertThat(NumericDate.fromSeconds(1430602060), equalTo(jcs.getIssuedAt()));
Assert.assertThat(NumericDate.fromSeconds(1430602000), equalTo(jcs.getNotBefore()));
}
示例11: validateToken
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
/**
* Check if it was issued by the server and if it's not expired
* @param java_web_token
* @throws InvalidJwtException if the token is invalid
*/
private String validateToken(String java_web_token) throws InvalidJwtException {
String username = null;
RsaJsonWebKey rsaJsonWebKey = RsaKeyProducer.produce();
System.out.println("RSA hash code... " + rsaJsonWebKey.hashCode());
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireSubject() // the JWT must have a subject claim
.setVerificationKey(rsaJsonWebKey.getKey()) // verify the signature with the public key
.build(); // create the JwtConsumer instance
try {
// Validate the JWT and process it to the Claims
JwtClaims jwtClaims = jwtConsumer.processToClaims(java_web_token);
username = (String) jwtClaims.getClaimValue("sub");
System.out.println("JWT validation succeeded! " + jwtClaims);
} catch (InvalidJwtException e) {
e.printStackTrace(); //on purpose
throw e;
}
return username;
}
示例12: validateJWT
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
@Test
public void validateJWT() throws Exception {
Assert.assertEquals("myAud", token.getAudience());
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setAllowedClockSkewInSeconds(30)
.setExpectedAudience("myAud")
.setVerificationKey(config.getSignAndEncryptKey().getPublicKey())
.build();
try
{
// Validate the JWT and process it to the Claims
JwtClaims jwtClaims = jwtConsumer.processToClaims(token.getAccessToken());
Assert.assertTrue(jwtClaims.getAudience().contains("myAud"));
}
catch (InvalidJwtException e)
{
Assert.fail("Could not validate token.");
}
}
示例13: read
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
public JwtClaimsAdapter read(String jwt) {
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireExpirationTime()
.setAllowedClockSkewInSeconds(30)
.setRequireSubject()
.setExpectedIssuer("registry")
.setVerificationKey(key)
.build();
try {
JwtClaims jwtClaims = jwtConsumer.processToClaims(jwt);
return new JwtClaimsAdapter(jwtClaims);
} catch (InvalidJwtException e) {
throw new RuntimeException(e);
}
}
示例14: authenticate
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String ticket = (String) authentication.getPrincipal();
try {
Credential ut = jwtHelper.token2payload(ticket, Credential.class);
if ("users.sign_in".equals(ut.getAction())) {
User user = userService.findByToken(ut.getProvider(), ut.getToken());
if (user != null) {
List<GrantedAuthority> auths = new ArrayList<>();
//todo
return new UsernamePasswordAuthenticationToken(ut.getProvider(), ut.getToken(), auths);
}
}
throw new BadCredentialsException(i18n.T("errors.user.bad_token"));
} catch (InvalidJwtException | MalformedClaimException e) {
throw new BadCredentialsException(i18n.T("errors.user.bad_token"), e);
}
}
示例15: token2payload
import org.jose4j.jwt.consumer.InvalidJwtException; //导入依赖的package包/类
public <T> T token2payload(String token, Class<T> clazz) throws InvalidJwtException, MalformedClaimException {
if (!token.contains(token)) {
return null;
}
JwtConsumer consumer = new JwtConsumerBuilder()
.setRequireExpirationTime()
.setAllowedClockSkewInSeconds(30)
.setRequireSubject()
.setExpectedIssuer(TOKEN_ISSUER)
.setExpectedAudience(TOKEN_AUDIENCE)
.setVerificationKey(getVerificationKey())
.build();
JwtClaims claims = consumer.processToClaims(token);
return jsonHelper.json2object(claims.getClaimValue(CLAIM_KEY, String.class), clazz);
}