本文整理汇总了Java中org.jose4j.jwe.JsonWebEncryption.setKeyIdHeaderValue方法的典型用法代码示例。如果您正苦于以下问题:Java JsonWebEncryption.setKeyIdHeaderValue方法的具体用法?Java JsonWebEncryption.setKeyIdHeaderValue怎么用?Java JsonWebEncryption.setKeyIdHeaderValue使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.jose4j.jwe.JsonWebEncryption的用法示例。
在下文中一共展示了JsonWebEncryption.setKeyIdHeaderValue方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: encryptIdToken
import org.jose4j.jwe.JsonWebEncryption; //导入方法依赖的package包/类
private String encryptIdToken(final OidcRegisteredService svc, final JsonWebSignature jws, final String innerJwt) throws Exception {
LOGGER.debug("Service [{}] is set to encrypt id tokens", svc);
final JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(svc.getIdTokenEncryptionAlg());
jwe.setEncryptionMethodHeaderParameter(svc.getIdTokenEncryptionEncoding());
final Optional<RsaJsonWebKey> jwks = this.serviceJsonWebKeystoreCache.get(svc);
if (!jwks.isPresent()) {
throw new IllegalArgumentException("Service " + svc.getServiceId()
+ " with client id " + svc.getClientId()
+ " is configured to encrypt id tokens, yet no JSON web key is available");
}
final RsaJsonWebKey jsonWebKey = jwks.get();
LOGGER.debug("Found JSON web key to encrypt the id token: [{}]", jsonWebKey);
if (jsonWebKey.getPublicKey() == null) {
throw new IllegalArgumentException("JSON web key used to sign the id token has no associated public key");
}
jwe.setKey(jsonWebKey.getPublicKey());
jwe.setKeyIdHeaderValue(jws.getKeyIdHeaderValue());
jwe.setContentTypeHeaderValue("JWT");
jwe.setPayload(innerJwt);
return jwe.getCompactSerialization();
}
示例2: encrypt
import org.jose4j.jwe.JsonWebEncryption; //导入方法依赖的package包/类
@Override public String encrypt(String data, PublicKey publicKey, String keyId, String contentType) throws JWEFailure {
String encrypted;
JsonWebEncryption jwe = new JsonWebEncryption();
try {
jwe.setKey(publicKey);
jwe.setPlaintext(data);
jwe.setKeyIdHeaderValue(keyId);
jwe.setContentTypeHeaderValue(contentType);
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);
jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512);
encrypted = jwe.getCompactSerialization();
} catch (JoseException e) {
throw new JWEFailure("An error occurred attempting to encrypt a JWE", e);
}
return encrypted;
}
示例3: jwtECIdTokenConsumer
import org.jose4j.jwe.JsonWebEncryption; //导入方法依赖的package包/类
/**
* JWT 生成 idToken+加密, 进行消费(consume)
* 使用EC
*
* @throws Exception
*/
@Test
public void jwtECIdTokenConsumer() throws Exception {
// String keyId = GuidGenerator.generate();
EllipticCurveJsonWebKey sendJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
sendJwk.setKeyId(GuidGenerator.generate());
final String publicKeyString = sendJwk.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY);
final String privateKeyString = sendJwk.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
System.out.println("publicKeyString: " + publicKeyString);
System.out.println("privateKeyString: " + privateKeyString);
//生成 idToken
final JwtClaims jwtClaims = getJwtClaims();
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(jwtClaims.toJson());
//私钥
jws.setKey(sendJwk.getPrivateKey());
jws.setKeyIdHeaderValue(sendJwk.getKeyId());
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
String innerIdToken = jws.getCompactSerialization();
assertNotNull(innerIdToken);
System.out.println("innerIdToken: " + innerIdToken);
//对 idToken 进行加密
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW);
String encAlg = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256;
jwe.setEncryptionMethodHeaderParameter(encAlg);
EllipticCurveJsonWebKey receiverJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
receiverJwk.setKeyId(GuidGenerator.generate());
jwe.setKey(receiverJwk.getPublicKey());
jwe.setKeyIdHeaderValue(receiverJwk.getKeyId());
jwe.setContentTypeHeaderValue("JWT");
jwe.setPayload(innerIdToken);
String idToken = jwe.getCompactSerialization();
assertNotNull(idToken);
System.out.println("idToken: " + idToken);
//解析idToken, 验签
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireExpirationTime() // the JWT must have an expiration time
.setRequireSubject() // the JWT must have a subject claim
.setExpectedIssuer("Issuer") // whom the JWT needs to have been issued by
.setExpectedAudience("Audience") // to whom the JWT is intended for
//解密的私钥
.setDecryptionKey(receiverJwk.getPrivateKey()) // decrypt with the receiver's private key
//验签的公钥
.setVerificationKey(sendJwk.getPublicKey()) // verify the signature with the sender's public key
.build(); // create the JwtConsumer instance
final JwtClaims claims = jwtConsumer.processToClaims(idToken);
assertNotNull(claims);
System.out.println(claims);
}
示例4: jwtECIdTokenConsumer
import org.jose4j.jwe.JsonWebEncryption; //导入方法依赖的package包/类
/**
* JWT 生成 idToken+加密, 进行消费(consume)
* 使用EC
*
* @throws Exception
*/
@Test
public void jwtECIdTokenConsumer() throws Exception {
// String keyId = GuidGenerator.generate();
EllipticCurveJsonWebKey sendJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
sendJwk.setKeyId(RandomUtils.randomText());
final String publicKeyString = sendJwk.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY);
final String privateKeyString = sendJwk.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
System.out.println("publicKeyString: " + publicKeyString);
System.out.println("privateKeyString: " + privateKeyString);
//生成 idToken
final JwtClaims jwtClaims = getJwtClaims();
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(jwtClaims.toJson());
//私钥
jws.setKey(sendJwk.getPrivateKey());
jws.setKeyIdHeaderValue(sendJwk.getKeyId());
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
String innerIdToken = jws.getCompactSerialization();
assertNotNull(innerIdToken);
System.out.println("innerIdToken: " + innerIdToken);
//对 idToken 进行加密
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW);
String encAlg = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256;
jwe.setEncryptionMethodHeaderParameter(encAlg);
EllipticCurveJsonWebKey receiverJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
receiverJwk.setKeyId(RandomUtils.randomText());
jwe.setKey(receiverJwk.getPublicKey());
jwe.setKeyIdHeaderValue(receiverJwk.getKeyId());
jwe.setContentTypeHeaderValue("JWT");
jwe.setPayload(innerIdToken);
String idToken = jwe.getCompactSerialization();
assertNotNull(idToken);
System.out.println("idToken: " + idToken);
//解析idToken, 验签
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireExpirationTime() // the JWT must have an expiration time
.setRequireSubject() // the JWT must have a subject claim
.setExpectedIssuer("Issuer") // whom the JWT needs to have been issued by
.setExpectedAudience("Audience") // to whom the JWT is intended for
//解密的私钥
.setDecryptionKey(receiverJwk.getPrivateKey()) // decrypt with the receiver's private key
//验签的公钥
.setVerificationKey(sendJwk.getPublicKey()) // verify the signature with the sender's public key
.build(); // create the JwtConsumer instance
final JwtClaims claims = jwtConsumer.processToClaims(idToken);
assertNotNull(claims);
System.out.println(claims);
}
示例5: ctyRoundTrip
import org.jose4j.jwe.JsonWebEncryption; //导入方法依赖的package包/类
@Test
public void ctyRoundTrip() throws JoseException, InvalidJwtException, MalformedClaimException
{
JsonWebKeySet jwks = new JsonWebKeySet("{\"keys\":[" +
"{\"kty\":\"oct\",\"kid\":\"hk1\",\"alg\":\"HS256\",\"k\":\"RYCCH0Qai_7Clk_GnfBElTFIa5VJP3pJUDd8g5H0PKs\"}," +
"{\"kty\":\"oct\",\"kid\":\"ek1\",\"alg\":\"A128KW\",\"k\":\"Qi38jqNMENlgKaVRbhKWnQ\"}]}");
SimpleJwkFilter filter = new SimpleJwkFilter();
filter.setKid("hk1", false);
JsonWebKey hmacKey = filter.filter(jwks.getJsonWebKeys()).iterator().next();
filter = new SimpleJwkFilter();
filter.setKid("ek1", false);
JsonWebKey encKey = filter.filter(jwks.getJsonWebKeys()).iterator().next();
JwtClaims claims = new JwtClaims();
claims.setSubject("subject");
claims.setAudience("audience");
claims.setIssuer("issuer");
claims.setExpirationTimeMinutesInTheFuture(10);
claims.setNotBeforeMinutesInThePast(5);
claims.setGeneratedJwtId();
JsonWebSignature jws = new JsonWebSignature();
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA256);
jws.setPayload(claims.toJson());
jws.setKey(hmacKey.getKey());
jws.setKeyIdHeaderValue(hmacKey.getKeyId());
String innerJwt = jws.getCompactSerialization();
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.A128KW);
jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
jwe.setKey(encKey.getKey());
jwe.setKeyIdHeaderValue(encKey.getKeyId());
jwe.setContentTypeHeaderValue("JWT");
jwe.setPayload(innerJwt);
String jwt = jwe.getCompactSerialization();
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setExpectedIssuer("issuer")
.setExpectedAudience("audience")
.setRequireSubject()
.setRequireExpirationTime()
.setDecryptionKey(encKey.getKey())
.setVerificationKey(hmacKey.getKey())
.build();
JwtContext jwtContext = jwtConsumer.process(jwt);
Assert.assertThat("subject", equalTo(jwtContext.getJwtClaims().getSubject()));
List<JsonWebStructure> joseObjects = jwtContext.getJoseObjects();
JsonWebStructure outerJsonWebObject = joseObjects.get(joseObjects.size() - 1);
Assert.assertTrue(outerJsonWebObject instanceof JsonWebEncryption);
Assert.assertThat("JWT", equalTo(outerJsonWebObject.getContentTypeHeaderValue()));
Assert.assertThat("JWT", equalTo(outerJsonWebObject.getHeader(HeaderParameterNames.CONTENT_TYPE)));
Assert.assertThat("JWT", equalTo(outerJsonWebObject.getHeaders().getStringHeaderValue(HeaderParameterNames.CONTENT_TYPE)));
JsonWebStructure innerJsonWebObject = joseObjects.get(0);
Assert.assertTrue(innerJsonWebObject instanceof JsonWebSignature);
}