本文整理汇总了Java中org.springframework.security.jwt.crypto.sign.InvalidSignatureException类的典型用法代码示例。如果您正苦于以下问题:Java InvalidSignatureException类的具体用法?Java InvalidSignatureException怎么用?Java InvalidSignatureException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
InvalidSignatureException类属于org.springframework.security.jwt.crypto.sign包,在下文中一共展示了InvalidSignatureException类的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: authenticate
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException; //导入依赖的package包/类
@Override
public Authentication authenticate(Authentication t)
throws AuthenticationException {
JWTToken jwtToken = (JWTToken) t;
try {
String username = jwtToken.getClaims().getUsername();
String secret = usernameAuthBean.getUserSecret().get(username);
if (secret != null) {
MacSigner signer = new MacSigner(secret);
JwtHelper.decodeAndVerify(jwtToken.getToken(), signer);
jwtToken.setAuthenticated(Boolean.TRUE);
String role = usernameAuthBean.getUserRoles().get(username);
jwtToken.addRole(role);
}
} catch (InvalidSignatureException e) {
return null;
}
return jwtToken;
}
示例2: verifyToken
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException; //导入依赖的package包/类
/**
* Verifies the specified token, refreshing the cached token verification key if needed.
*
* @param tokenString
*/
protected void verifyToken(String tokenString) {
try {
verify(tokenString);
} catch (InvalidSignatureException e) {
refreshTokenKey();
verify(tokenString);
}
}
示例3: testLoadAuthenticationForInvalidPublicKey
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException; //导入依赖的package包/类
@Test
public void testLoadAuthenticationForInvalidPublicKey() throws IOException {
String publicKey = FileReaderUtils.readFileFromClasspath("invalid_token_key.pub");
CachedRemoteTokenService tokenService = new CachedRemoteTokenService("clientId", "clientSecret", "http://localhost:8089", publicKey, identityClient);
try {
tokenService.loadAuthentication(token);
} catch (InvalidSignatureException e) {
Assert.assertEquals("RSA Signature did not match content", e.getMessage());
}
}
示例4: testLoadAuthenticationForInvalidMacKeyUsed
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException; //导入依赖的package包/类
@Test
public void testLoadAuthenticationForInvalidMacKeyUsed() throws IOException {
CachedRemoteTokenService tokenService = new CachedRemoteTokenService("clientId", "clientSecret", "http://localhost:8089", "alma", identityClient);
try {
tokenService.loadAuthentication(token);
} catch (InvalidSignatureException e) {
Assert.assertEquals("Calculated signature did not match actual value", e.getMessage());
}
}
示例5: testLoadAuthenticationForInvalidMacKey
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException; //导入依赖的package包/类
@Test
public void testLoadAuthenticationForInvalidMacKey() throws IOException {
String ssoToken = FileReaderUtils.readFileFromClasspath("sso_token_mac_signed.txt");
CachedRemoteTokenService tokenService = new CachedRemoteTokenService("clientId", "clientSecret", "http://localhost:8089", "korte", identityClient);
try {
tokenService.loadAuthentication(ssoToken);
} catch (InvalidSignatureException e) {
Assert.assertEquals("Calculated signature did not match actual value", e.getMessage());
}
}
示例6: decodeAndVerify
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException; //导入依赖的package包/类
@Nullable
@Override
public BlueWebToken decodeAndVerify(@Nonnull final String idToken){
final long now = System.currentTimeMillis();
if(log.isTraceEnabled()){
log.trace("Decoding token [" + idToken + "]");
}
try{
Jwt jwt = JwtHelper.decode(idToken);
// Get the key ID we need to use to verify the token
String keyId = getKeyId(idToken);
if("".equals(keyId.trim())){
log.warn("Failed to retrieve key ID for token");
return null;
}
BlueWebToken token = typeSecuredObjectMapper().readValue(
jwt.getClaims(),
BlueWebToken.class);
// Get the key and verify the JWT signature
RSAPublicKey key = rsaPublicKey(keyId, token.getAuthContextReference());
jwt.verifySignature(new RsaVerifier(key));
// Validate the nonce
if(!nonceService.isValid(token.getNonce())){
log.warn("Failed to validate nonce in token. This could be a replay attack.");
return null;
}
if(!claimValidationService.validateAudience(token)){
log.warn("Failed to validate audience in token. This could be a replay attack.");
return null;
}
if(!claimValidationService.validateIssuer(token)){
log.warn("Failed to validate issuer of token. This could be a replay attack.");
return null;
}
if(!claimValidationService.validateNotBefore(token, now)){
log.warn("Failed to validate notBefore time in token. This could be a replay attack. 'Now' milliseconds: " + now + "; 'NotBefore' milliseconds: " + token
.getNotBefore()
.toInstant()
.toEpochMilli());
return null;
}
if(!claimValidationService.validateExpiration(token, now)){
log.warn("Failed to validate expiration time in token. This could be a replay attack. 'Now' milliseconds: " + now + "; 'Expiration' milliseconds: " + token
.getExpiration()
.toInstant()
.toEpochMilli());
return null;
}
return token;
}catch(IOException | IllegalArgumentException | InvalidSignatureException x){
log.warn("Failed to extract data from JWT token: " + x.getMessage(), x);
}
return null;
}
示例7: invalidHmacSignatureRaisesException
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException; //导入依赖的package包/类
@Test(expected=InvalidSignatureException.class)
public void invalidHmacSignatureRaisesException() {
JwtHelper.decode(JOE_HMAC_TOKEN).verifySignature(new MacSigner("differentkey".getBytes()));
}
示例8: invalidRsaSignatureRaisesException
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException; //导入依赖的package包/类
@Test(expected = InvalidSignatureException.class)
public void invalidRsaSignatureRaisesException() {
JwtHelper.decodeAndVerify(JOE_RSA_TOKEN, new RsaVerifier(N, D));
}