当前位置: 首页>>代码示例>>Java>>正文

Java JWTClaimsSet.getClaim方法代码示例

本文整理汇总了Java中com.nimbusds.jwt.JWTClaimsSet.getClaim方法的典型用法代码示例。如果您正苦于以下问题:Java JWTClaimsSet.getClaim方法的具体用法?Java JWTClaimsSet.getClaim怎么用?Java JWTClaimsSet.getClaim使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在com.nimbusds.jwt.JWTClaimsSet的用法示例。


在下文中一共展示了JWTClaimsSet.getClaim方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: retrieveCredential

import com.nimbusds.jwt.JWTClaimsSet; //导入方法依赖的package包/类
@Override
public JWTCredential retrieveCredential(String token) {
    JWTCredential result = null;
    try {
        JWSObject jws = JWSObject.parse(token);

        String apiKey = jws.getHeader().getKeyID();
        if (apiKey != null && keys.contains(apiKey)) {

            RSAKey rsaKey = (RSAKey) jwkSet.getKeyByKeyId(apiKey).toPublicJWK();
            JWSVerifier verifier = new RSASSAVerifier(rsaKey);

            if (jws.verify(verifier)) {
                JWTClaimsSet claimsSet = JWTClaimsSet.parse(jws.getPayload().toJSONObject());

                // Verify time validity of token.
                Date creationTime = claimsSet.getIssueTime();
                Date expirationTime = claimsSet.getExpirationTime();
                Date now = new Date();
                long validityPeriod = expirationTime.getTime() - creationTime.getTime();
                if (creationTime.before(now) && now.before(expirationTime) && validityPeriod < 120000 /*2 minutes*/) {

                    JSONObject realmAccess = (JSONObject) claimsSet.getClaim("realm_access");

                    JSONArray rolesArray = (JSONArray) realmAccess.get("roles");

                    Set<String> roles = new HashSet<>();
                    rolesArray.forEach(r -> roles.add(r.toString()));

                    result = new JWTCredential(claimsSet.getSubject(), roles);
                }
            }
        }
    } catch (ParseException | JOSEException e) {
        ; // Token is not valid
    }
    return result;
}
开发者ID:atbashEE,项目名称:jsr375-extensions,代码行数:39,代码来源:DemoJWTHandler.java

示例2: retrieveCredential

import com.nimbusds.jwt.JWTClaimsSet; //导入方法依赖的package包/类
@Override
public JWTCredential retrieveCredential(String token) {
    JWTCredential result = null;
    try {
        JWSObject jws = JWSObject.parse(token);

        String apiKey = jws.getHeader().getKeyID();
        if (apiKey != null && keys.containsKey(apiKey)) {

            byte[] sharedSecret = keys.get(apiKey);
            JWSVerifier verifier = new MACVerifier(sharedSecret);

            if (jws.verify(verifier)) {
                JWTClaimsSet claimsSet = JWTClaimsSet.parse(jws.getPayload().toJSONObject());

                // Verify time validity of token.
                Date creationTime = claimsSet.getIssueTime();
                Date expirationTime = claimsSet.getExpirationTime();
                Date now = new Date();
                long validityPeriod = expirationTime.getTime() - creationTime.getTime();
                if (creationTime.before(now) && now.before(expirationTime) && validityPeriod < 120000 /*2 minutes*/) {

                    JSONObject realmAccess = (JSONObject) claimsSet.getClaim("realm_access");

                    JSONArray rolesArray = (JSONArray) realmAccess.get("roles");

                    Set<String> roles = new HashSet<>();
                    rolesArray.forEach(r -> roles.add(r.toString()));

                    result = new JWTCredential(claimsSet.getSubject(), roles);
                    result.addInfo(API_KEY, apiKey);
                }
            }
        }
    } catch (ParseException | JOSEException e) {
        ; // Token is not valid
    }
    return result;
}
开发者ID:rdebusscher,项目名称:soteria-jwt,代码行数:40,代码来源:DemoJWTHandler.java

示例3: fromToken

import com.nimbusds.jwt.JWTClaimsSet; //导入方法依赖的package包/类
@NonNull
public static ApiUser fromToken(@NonNull String token) {
  try {
    JWT jwt = JWTParser.parse(token);
    JWTClaimsSet claims = jwt.getJWTClaimsSet();
    String username = (String) claims.getClaim("name");
    @SuppressWarnings("unchecked")
    List<String> permissions = (List<String>) claims.getClaim("permissions");
    return new ApiUser(username, permissions);
  } catch (ParseException | ClassCastException e) {
    throw new IllegalArgumentException("Malformed token", e);
  }
}
开发者ID:BjoernPetersen,项目名称:AndroidMusicBot,代码行数:14,代码来源:ApiUser.java

示例4: getAuthorities

import com.nimbusds.jwt.JWTClaimsSet; //导入方法依赖的package包/类
@SuppressWarnings("unchecked")
private List<? extends GrantedAuthority> getAuthorities(JWTClaimsSet claimsSet) {
  List<String> roles = (List<String>) claimsSet.getClaim(ROLES_FIELD);
  if (roles != null) {
    return roles.stream()
        .map(role -> new SimpleGrantedAuthority(rolePrefix.orElse("")+role.toUpperCase()))
        .collect(Collectors.toList());
  }
  return new ArrayList<>();
}
开发者ID:visola,项目名称:spring-security-token-filter,代码行数:11,代码来源:UsernamePasswordAuthenticationTokenJwtClaimsSetTransformer.java

示例5: getYourMicroserviceClaimsVerifier

import com.nimbusds.jwt.JWTClaimsSet; //导入方法依赖的package包/类
/**
 * getYourMicroserviceClaimsVerifier
 * Obtains our Standard Claims Verifier.
 *
 * @return JWTClaimsVerifier Claims Verifier to be performed against a Claims Set.
 */
protected JWTClaimsVerifier getYourMicroserviceClaimsVerifier() {
    /**
     * Default JWT claims verifier. This class is thread-safe.
     *
     * Performs the following checks:
     *
     * + If an expiration time (exp) claim is present, makes sure it is ahead of the current time, else the JWT claims set is rejected.
     * + If a not-before-time (nbf) claim is present, makes sure it is before the current time, else the JWT claims set is rejected.
     *  This class may be extended to perform additional checks.
     */
    return new DefaultJWTClaimsVerifier() {
        @Override
        public void verify(JWTClaimsSet claimsSet)
                throws BadJWTException {
            /**
             * Verify the Expiration of the Token and Not Before Use.
             */
            super.verify(claimsSet);
            /**
             * Ensure Correct Issuer is from our own Eco-System.
             */
            String issuer = claimsSet.getIssuer();
            if (issuer == null || !issuer.equals(YourMicroserviceToken.YOUR_ORGANIZATION_ISSUER)) {
                throw new BadJWTException("Invalid Token issuer");
            }
            /**
             * Ensure Subject Specified.
             */
            String subject = claimsSet.getSubject();
            if (subject == null || subject.isEmpty()) {
                throw new BadJWTException("Invalid Token Subject");
            }
            /**
             * Ensure Subject Specified.
             */
            String jti = claimsSet.getJWTID();
            if (!isUUIDValid(jti)) {
                throw new BadJWTException("Invalid Token Identifier");
            }
            /**
             * Validate Audience, we need at least Once Specified.
             */
            if (claimsSet.getAudience() == null || claimsSet.getAudience().isEmpty()) {
                throw new BadJWTException("Invalid Audience");
            }
            /**
             * Ensure Your Microservice was Specified.
             */
            JSONObject yms = (JSONObject) claimsSet.getClaim(CLAIM_NAME_YOUR_MICROSERVICE);
            if (yms == null || yms.isEmpty()) {
                throw new BadJWTException("Invalid Your Microservice Claim");
            }
            /**
             * Add Additional Claims Verification Here if and when Applicable...
             */
        }
    };
}
开发者ID:jaschenk,项目名称:Your-Microservice,代码行数:65,代码来源:YourMicroserviceToken_nimbus_Impl.java

示例6: retrieveCredential

import com.nimbusds.jwt.JWTClaimsSet; //导入方法依赖的package包/类
@Override
public JWTCredential retrieveCredential(String token) {
    JWTCredential result = null;
    try {
        // Parse the JWE string
        JWEObject jweObject = JWEObject.parse(token);
        String apiKey = jweObject.getHeader().getKeyID();
        // Use this apiKey to select the correct privateKey

        RSAKey privateKey = (RSAKey) jwkSet.getKeyByKeyId(apiKey);

        // Decrypt with shared key
        jweObject.decrypt(new RSADecrypter(privateKey));

        // Extract payload
        SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();

        // Check the HMAC, Optional
        signedJWT.verify(new MACVerifier(apiKey));

        // Retrieve the JWT claims...
        JWTClaimsSet claimsSet = signedJWT.getJWTClaimsSet();

        // Verify time validity of token.
        Date creationTime = claimsSet.getIssueTime();
        Date expirationTime = claimsSet.getExpirationTime();
        Date now = new Date();

        long validityPeriod = expirationTime.getTime() - creationTime.getTime();
        if (creationTime.before(now) && now.before(expirationTime) && validityPeriod < 120000 /*2 minutes*/) {

            JSONObject realmAccess = (JSONObject) claimsSet.getClaim("realm_access");

            JSONArray rolesArray = (JSONArray) realmAccess.get("roles");

            Set<String> roles = new HashSet<>();
            rolesArray.forEach(r -> roles.add(r.toString()));

            result = new JWTCredential(claimsSet.getSubject(), roles);
            result.addInfo(API_KEY, apiKey);
            result.addInfo(API_KEY, apiKey);
        }

    } catch (ParseException | JOSEException e) {
        ; // Token is not valid
    }
    return result;
}
开发者ID:rdebusscher,项目名称:soteria-jwt,代码行数:49,代码来源:DemoJWTHandler.java


注:本文中的com.nimbusds.jwt.JWTClaimsSet.getClaim方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。